sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-28 07:21:54 +03:00
Code
70,711 Commits 60 Branches 1,144 Tags 452 MiB
bcdacff168
Commit Graph

114 Commits

Author SHA1 Message Date
Andrew Bartlett
f768b32e37 libcli/security Provide a common, top level libcli/security/security.h 
This will reduce the noise from merges of the rest of the
libcli/security code, without this commit changing what code
is actually used.

This includes (along with other security headers) dom_sid.h and
security_token.h

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
 2010-10-12 05:54:10 +00:00
Günther Deschner
4dbd743e46 s3-util_sid: use shared dom_sid_compare_auth and dom_sid_equal_X functions. 
Guenther
 2010-09-20 14:04:37 -07:00
Günther Deschner
2b41f421fd s3-idmap: only include idmap headers where needed. 
Guenther
 2010-08-26 00:20:29 +02:00
Günther Deschner
aba1bf4b5e s3-build: only include memcache.h where needed. 
Guenther
 2010-08-26 00:20:28 +02:00
Günther Deschner
c136b84f0d s3-secrets: only include secrets.h when needed. 
Guenther
 2010-08-05 10:12:25 +02:00
Andreas Schneider
a81b97ff34 s3-passdb: Make sure that we don't assign garbage. 2010-06-28 10:18:12 +02:00
Simo Sorce
0a7ff14617 s3:passdb Export function to calculate the proper primary group sid 
Don't keep it buried in passdb, this function need to be available
for use in places where we do not want to construct an artificial
samu struct just to play tricks.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-06-07 22:53:08 +10:00
Günther Deschner
f9f8007361 s3-build: only use ndr_security.h where needed. 
Guenther
 2010-05-31 11:32:37 +02:00
Andrew Bartlett
cba7f8b827 s3:dom_sid Global replace of DOM_SID with struct dom_sid 
This matches the structure that new code is being written to,
and removes one more of the old-style named structures, and
the need to know that is is just an alias for struct dom_sid.

Andrew Bartlett

Signed-off-by: Günther Deschner <gd@samba.org>
 2010-05-21 10:39:59 +02:00
Jelmer Vernooij
b8268cf7b0 s3: Remove use of iconv_convenience. 2010-05-18 11:45:31 +02:00
Volker Lendecke
5197d76faa s3: Make a debug msg more readable 2010-04-28 10:55:50 +02:00
Volker Lendecke
48251c3370 s3: Use sid_check_is_in_our_domain instead of a direct sid_peek_check_rid 2010-01-10 20:56:16 +01:00
Volker Lendecke
3ea64e0ad8 s3: Replace most calls to sid_append_rid() by sid_compose() 2010-01-10 20:56:16 +01:00
Michael Adam
30ab3a762e s3:passdb: remove the uid_to_rid method - we only need uid_to_sid 
Michael
 2009-11-14 01:28:50 +01:00
Günther Deschner
1f4d26c487 s3-lsa: allow to lookup BUILTIN\ in lsa_LookupNames. 
Found by RPC-LSA-LOOKUPNAMES torture test.

Guenther
 2009-10-20 15:28:31 +02:00
Volker Lendecke
a488334bf1 Rename LOOKUP_NAME_EXPLICIT to LOOKUP_NAME_NO_NSS 
It took me a bit to understand what this flag does. I hope this is
a bit clearer, at least it is to me.
 2009-07-31 23:19:05 +02:00
Michael Adam
a4bc5bfa95 s3:passdb: fix bug #6509: use gid (not uid) cache in fetch_gid_from_cache(). 
With the previous code, the cache can never have been hit at all.

Michael
 2009-06-26 14:15:44 +02:00
Marc VanHeyningen
75de7c0e87 s3: zero an uninitialized array 
Invalid pointers were being dereferenced in lookup_sids causing
occasional seg faults.

Signed-off-by: Tim Prouty <tprouty@samba.org>
 2009-05-27 12:37:35 -07:00
Aravind Srinivasan
5aefb44bf0 s3: Fallback to the legacy sid_to_(uid|gid) instead of returning NULL. 
This is very similar to be1dfff02d
 2009-05-12 17:13:40 -07:00
Jeremy Allison
b4c9cfb2af Fix a bunch of compiler warnings about wrong format types. 
Should make Solaris 10 builds look cleaner.
Jeremy.
 2009-05-11 21:56:57 -07:00
Volker Lendecke
f91565544f Fix bug 6097 
A client sent a SID with authority 0 and 0 sub-authorities. W2k3 replies with
NT_STATUS_INVALID_SID, even if other SIDs in the list are valid.

Thanks to Pavel <wylda@volny.cz> for the bug report!
 2009-03-24 11:59:42 +01:00
Tim Prouty
ef89c4bc0d s3 passdb: Add back some useful debug statements 
Originally removed in be1dfff02d
 2009-03-03 16:49:36 -08:00
Dan Sledz
be1dfff02d It appears that the first time we see a uid/gid that winbind can't map, 
we end up returning the null sid instead of falling back to the legacy
code.  Next time through the code we'll hit the negative cache and do
the right thing, but we still fail the first time.

If we fail the winbind id to sid mapping, call the legacy version.  This
catches the case where we don't have a negative cache entry for the mapping.
This is better than returning the NULL sid to the caller.
 2009-03-02 16:50:19 -08:00
Jelmer Vernooij
08259c1c52 Add iconv_convenience argument to size functions. 2009-01-01 04:45:33 +01:00
Günther Deschner
992c03a192 s4-lsa: merge lsa_LookupSids/{2,3} from s3 lsa idl. 
Guenther
 2008-10-27 19:33:23 +01:00
Simo Sorce
3fa16da8c7 Revert "Split lookup_name() and create a new functiong called" 
This reverts commit 8594edf666.
(This used to be commit ad462e2e2d)
 2008-09-03 14:36:43 -04:00
Simo Sorce
c5894e1477 Merge branch 'v3-devel' of ssh://git.samba.org/data/git/samba into v3-devel 
(This used to be commit 8e4dca3b94)
 2008-09-03 11:52:54 -04:00
Jeremy Allison
dc3f6b0861 Fix bug spotted by Simo - don't use legacy if expired entry. 
Jeremy.
(This used to be commit a7bbd33139)
 2008-08-26 18:05:34 -07:00
Jeremy Allison
d1f140a9ba Don't ask winbindd if we got a -ve cache entry. 
Jeremy.
(This used to be commit 91f85d0dca)
 2008-08-26 16:14:25 -07:00
Simo Sorce
a1de4e988d Merge branch 'v3-devel' of ssh://git.samba.org/data/git/samba into v3-devel 
(This used to be commit e038f1cf9f)
 2008-08-26 18:56:49 -04:00
Jeremy Allison
95cc5ee395 Fix the build :-(. Ask winbindd if we find a negative cache entry (or should 
we just call the legacy function ?).
Jeremy.
(This used to be commit 566d3b6e76)
 2008-08-26 15:51:56 -07:00
Jeremy Allison
d2f223d83d Get smbd to look (read-only) into the winbindd cache for uid/gid <--> sid mappings. 
Jeremy.
(This used to be commit 31ba955d69)
 2008-08-26 14:52:11 -07:00
Simo Sorce
5e7655fa27 Split lookup_name() and create a new functiong called 
lookup_domain_name(). This new function accept separated
strings for domain and name.
(This used to be commit 8594edf666)
 2008-08-17 19:54:41 -04:00
Volker Lendecke
e613ecbea5 Revert "Make use of sid_check_is_in_unix_users/groups" 
This reverts commit cd8e63b2b4.
(This used to be commit 061e55d4f4)
 2008-07-11 17:53:25 +02:00
Volker Lendecke
68071e94a5 Revert "Don't scream, better explain a bit in comments" 
This reverts commit dcc39ed004.
(This used to be commit 26ca09a357)
 2008-07-11 17:53:25 +02:00
Volker Lendecke
d803fa6e46 Revert "Remove an unused variable" 
This reverts commit 454cb852e0.
(This used to be commit cae8ec3199)
 2008-07-11 17:53:25 +02:00
Volker Lendecke
b611fd9550 Remove an unused variable 
(This used to be commit 454cb852e0)
 2008-07-03 16:44:13 +02:00
Volker Lendecke
d1635687ae Don't scream, better explain a bit in comments 
(This used to be commit dcc39ed004)
 2008-07-03 11:08:51 +02:00
Volker Lendecke
abb42b267b Make use of sid_check_is_in_unix_users/groups 
Don't replicate code unnecessarily
(This used to be commit cd8e63b2b4)
 2008-07-03 11:08:51 +02:00
Volker Lendecke
3643aa9a63 Fix a panic in the [ug]id2sid valgrind bug fix 
Always, always run "make test" before pushing stuff :-)
(This used to be commit 1444db8be1)
 2008-05-06 13:56:21 +02:00
Volker Lendecke
1fe90d8d04 Fix a valgrind bug in the new [ug]id2sid cache 
When we're given a SID, it is not always padded with zeros. Only look at the
initialized parts in the SID.
(This used to be commit 8717085dba)
 2008-05-06 12:16:02 +02:00
Jeremy Allison
8b3004bcf9 Don't return true on talloc fail. 
Jeremy.
(This used to be commit 21594cb34c)
 2008-02-05 18:05:59 -08:00
Michael Adam
76e5c1f79a Fix lookup_sids to detect unix_groups and unix_users domain sids. 
This fixes panics in wbcLookupRids when 1-2-22 was passed as a
domain sid.

Michael
(This used to be commit c0d9732cf4)
 2008-01-25 01:42:22 +01:00
Michael Adam
60daaeeb34 Add a debug message: show the sid lookup_sid() was called for. 
Michael
(This used to be commit 6c7c6c3f85)
 2008-01-25 01:42:22 +01:00
Michael Adam
d682e04828 Add a debug message to lookup_rids() printing the domain SID. 
This is to ease debugging. I sporadically get panics that are
apparently due to NULL domain sid passed to lookup_rids somewhere.

Michael
(This used to be commit 723e877c24)
 2008-01-25 01:42:22 +01:00
Volker Lendecke
a55a08a217 Convert the [gu]id_sid cache to memcache 
(This used to be commit 4baf36784f)
 2007-12-23 12:43:29 +01:00
Michael Adam
9f5a16a22d Remove direct caller of secrets_fetch_trusted_domain_password(). 
This is a regession introduced by f7efc0eca9.
This calls pdb_get_trusteddom_pw() instead, again.

Michael
(This used to be commit 91be824d2b)
 2007-12-17 14:51:37 +01:00
Michael Adam
81327b1613 Fix for bug #4801: Correctly implement lsa lookup levels for lookupnames. 
This patch is still incomplete in that winbindd does not walk
the the trusted domains to lookup unqualified names here.
Apart from that this fix should be pretty much complete.

Michael
(This used to be commit f7efc0eca9)
 2007-12-17 13:06:13 +01:00
Volker Lendecke
900288a2b8 Replace sid_string_static by sid_string_dbg in DEBUGs 
(This used to be commit bb35e794ec)
 2007-12-15 22:09:36 +01:00
Stefan Metzmacher
adc31b9235 Revert "Fix for bug #4801: Correctly implement lsa lookup levels for lookupnames." 
As it breaks all tests which try to join a new machine account.
So more testing is needed...

metze

This reverts commit dd320c0924.
(This used to be commit cccb80b7b7)
 2007-12-14 08:28:10 +01:00