samba-mirror

mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00

Author	SHA1	Message	Date
Andreas Schneider	0ede70c51a	libcli: Add security_token_system_privilege(). Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>	2013-08-06 14:41:58 +02:00
Matthias Dieter Wallnöfer	618c11cc15	libcli/security/privileges.c - fix wrong counter type This strictly needs to be from type "uint32_t" since "privset->count" is defined with this type.	2011-02-21 10:43:43 +01:00
Matthias Dieter Wallnöfer	e7659fa802	libcli/security/privileges.c - fix the counting of privileges Since the privileges are always counted with a signed integer, there is no reason to specify the upper limit with a "uint32_t".	2011-02-21 10:43:43 +01:00
Jeremy Allison	75508cea4a	Turns out there are lots of places in S3 where token passed in here can be NULL (become_root() sets the current security token to NULL for example). Ensure we don't crash. Jeremy. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Thu Dec 2 03:26:03 CET 2010 on sn-devel-104	2010-12-02 03:26:03 +01:00
Jeremy Allison	e00c2b3cdf	Add code to implement SeSecurityPrivilege in net rpc rights, and in the open and get/set NT security descriptor code. Jeremy. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Thu Oct 21 00:15:57 UTC 2010 on sn-devel-104	2010-10-21 00:15:57 +00:00
Andrew Bartlett	0487ef0a70	libcli/security Add debug class to security_token_debug() et al This will allow it to replace functions in source3 that use debug classes. Andrew Bartlett	2010-10-12 02:54:16 +00:00
Andrew Bartlett	fdcadb5c3c	libcli/privileges Fix comment	2010-09-11 18:46:13 +10:00
Andrew Bartlett	0eea8ecfe2	s4-privs Seperate rights and privileges These are related, but slightly different concepts. The biggest difference is that rights are not enumerated as a system-wide list. This moves the rights to security.idl due to dependencies. Andrew Bartlett	2010-09-11 18:46:13 +10:00
Andrew Bartlett	eb6a0cc326	libcli/security Move 'private' privileges functions to another header These functions work on the bitmap, and are only exposed because the source3/ privileges storage uses the bitmap in account_policy.tdb Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>	2010-09-11 18:46:13 +10:00
Andrew Bartlett	6d2b1ef71d	libcli/security Remove 'always true' return from se_priv_put_all_privileges Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>	2010-09-11 18:46:13 +10:00
Andrew Tridgell	382e2b321b	privileges: privilege luids are not all below 64 the ones brought across from s3 have higher values Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>	2010-09-11 18:46:12 +10:00
Andrew Bartlett	a32cdadb7c	libcli/security Make sec_privilege_from_index() return SEC_PRIV_INVALID on failure This is clearer and more consistent than using a magic -1 return Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>	2010-09-11 18:46:11 +10:00
Andrew Bartlett	71832a404e	libcli/security Expose sec_privilege_mask() Signed-off-by: Andrew Tridgell <tridge@samba.org>	2010-09-11 18:46:11 +10:00
Andrew Bartlett	6d78e11e17	libcli/security make sec_privilege_id() return SEC_PRIV_INVALID on failure. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>	2010-09-11 18:46:10 +10:00
Andrew Bartlett	8ff6bc2350	libcli/security Remove unused functions and constants. All the callers to these functions have been removed or reworked. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>	2010-09-11 18:46:10 +10:00
Andrew Bartlett	a53a42ffb8	libcli/security Rename all privilege bitmaps constants The idea here to to make it very clear how they differ from the enumerated LUID values. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>	2010-09-11 18:46:10 +10:00
Andrew Bartlett	2bb7b827d6	libcli/security Remove luid_to_se_priv() and luid_to_privilege_name() These functions duplicate other functions in the merged code. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>	2010-09-11 18:46:10 +10:00
Andrew Bartlett	aab0b557b9	libcli/security Improve dump of privileges: Just walk the table This removes some logic recently added that was just too smart - it is easier to just walk the table and do a bit match here. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>	2010-09-11 18:46:09 +10:00
Andrew Bartlett	0e2142a927	s3-privs Remove pointer indirection from se_priv_to_privilege_set() Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>	2010-09-11 18:46:09 +10:00
Andrew Bartlett	cbd72ab93b	libcli/security Don't export privs[] as a global variable Instead, provide access functions for the LSA and net sam callers for the information they need. They still only enumerate the first 8 privileges that have traditionally been exposed. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>	2010-09-11 18:46:08 +10:00
Andrew Bartlett	3c93d1ecbf	libcli/security Merge privilege lists from source3 and source4 The LSA enumeration in source3 will not show the new privileges, but otherwise, they are now in common, and can be set by name. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>	2010-09-11 18:46:08 +10:00
Andrew Bartlett	d2e41105e2	libcli/security Return number of entries in the old source3 list This ensures there isn't a behaviour change when the source3 list is combined with the longer source4 list. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>	2010-09-11 18:46:08 +10:00
Andrew Bartlett	eb8e3155de	libcli/privileges Simplify get_privilege_luid() to return just the enum As Samba only deals with the lower 32 bits of the LUID, just return those and let the LSA layer deal with the upper 0 bits. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>	2010-09-11 18:46:08 +10:00
Andrew Bartlett	cdda15c062	libcli/security Don't memcpy a uint64_t value, just assign it. Signed-off-by: Andrew Tridgell <tridge@samba.org>	2010-09-11 18:46:08 +10:00
Andrew Bartlett	780de03f00	libcli/security Use ARRAY_SIZE() consistantly. This avoids the use of SE_END, and has all callers walking the array using the same termination condition. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>	2010-09-11 18:46:08 +10:00
Andrew Bartlett	66ac968dd5	libcli/security Fix and clarify privilege manipulation function comments Signed-off-by: Andrew Tridgell <tridge@samba.org>	2010-09-11 18:46:07 +10:00
Andrew Bartlett	9fb92c6014	libcli/security Make the two privileges tables share a common struct definition Signed-off-by: Andrew Tridgell <tridge@samba.org>	2010-09-11 18:46:07 +10:00
Andrew Bartlett	dbee98d30f	libcli/security Move source4/ privileges code into the common libcli/security Signed-off-by: Andrew Tridgell <tridge@samba.org>	2010-09-11 18:46:07 +10:00
Andrew Bartlett	b29b6c13a3	s3-privs Inline dump_se_priv into callers now that it's just a uint64_t The previous 128 bit structure needed this helper function. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>	2010-09-11 18:46:07 +10:00
Andrew Bartlett	f85b822bd4	libcli/security Use talloc_realloc() not TALLOC_REALLOC_ARRAY() Signed-off-by: Andrew Tridgell <tridge@samba.org>	2010-09-11 18:46:07 +10:00
Andrew Bartlett	3f589c2155	libcli/security Use C99 types Signed-off-by: Andrew Tridgell <tridge@samba.org>	2010-09-11 18:46:07 +10:00
Andrew Bartlett	b0690d6da7	libcli/security Use true and false, not True and False Signed-off-by: Andrew Tridgell <tridge@samba.org>	2010-09-11 18:46:06 +10:00
Andrew Bartlett	f20bba97d8	s3-privs Move source3/ privileges implmentation into common Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>	2010-09-11 18:46:06 +10:00

33 Commits