1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-29 11:21:54 +03:00
Commit Graph

117 Commits

Author SHA1 Message Date
Jean-François Micouleau
fac01bda8b Changed again how the privilege list is handled in the group mapping code.
This time it's a PRIVILEGE_SET struct instead of a simple uint32 array. It
makes much more sense. Also added a uint32 systemaccount to the GROUP_MAP
struct as some privilege showing in USRMGR.EXE are not real privs but a
bitmask flag. I guess it's an heritage from NT 3.0 ! I could setup an NT
3.1 box to verify, but I'm too lazy (yes I still have my CDs).

Added 3 more LSA calls: SetSystemAccount, AddPrivileges and
RemovePrivileges, we can manage all this privilege from UserManager.

Time to change the NT_USER_TOKEN struct and add checks in all the rpc
functions. Fun, fun, fun.

        J.F.
(This used to be commit 3f0a9ef2b8)
2001-11-29 16:05:05 +00:00
Andrew Bartlett
b47f6a4448 Fix ./configure --enable-developer warnings (shadow of global)
(This used to be commit 3f1cfb62e8)
2001-11-25 02:08:43 +00:00
Jean-François Micouleau
ca477a61e7 added lsaenumprivsaccount and lsalookupprivvalue to rpcclient
and more to come ...

	J.F.
(This used to be commit 1748d5a2af)
2001-11-24 00:13:41 +00:00
Jean-François Micouleau
2527f5ef52 Changed how the privileges are stored in the group mapping code. It's now
an array of uint32. That's not perfect but that's better.

Added more privileges too.

Changed the local_lookup_rid/name functions in passdb.c to check if the
group is mapped. Makes the LSA rpc calls return correct groups

Corrected the return code in the LSA server code enum_sids.

Only enumerate well known aliases if they are mapped to real unix groups.
Won't confuse user seeing groups not available.

Added a short/long view to smbgroupedit.

now decoding rpc calls to add/remove privileges to sid.

        J.F.
(This used to be commit f29774e589)
2001-11-23 15:11:22 +00:00
Jean-François Micouleau
fbfd27a495 added lsa_enum_sids to rpcclient
fixed lsa_enum_rpivs server code. This time it works as W2K.
fixed smbgroupedit to compile and work.

	J.F.
(This used to be commit 646651018a)
2001-11-22 23:50:16 +00:00
Jean-François Micouleau
33e20222e0 add another command to rpcclient: getdispname. Show the full description
of a privilege.

	J.F.
(This used to be commit 84035ae72f)
2001-11-22 16:54:48 +00:00
Jean-François Micouleau
2e8ae88785 add a command to rpcclient: enumprivs
J.F.
(This used to be commit fa63cb78e3)
2001-11-22 16:12:43 +00:00
Tim Potter
dc1fc3ee8e Removed 'extern int DEBUGLEVEL' as it is now in the smb.h header.
(This used to be commit 2d0922b0ea)
2001-10-02 04:29:50 +00:00
Andrew Tridgell
19fea3242c the next stage in the NTSTATUS/WERROR change. smbd and nmbd now compile, but the client code still needs some work
(This used to be commit dcd6e735f7)
2001-09-04 07:13:01 +00:00
Andrew Tridgell
b031af348c converted another bunch of stuff to NTSTATUS
(This used to be commit 1d36250e33)
2001-08-27 19:46:22 +00:00
Jeremy Allison
659774bffd Fixed malloc -> talloc problems pointed out by Simo.
Jeremy
(This used to be commit 0f5b187387)
2001-08-24 07:32:51 +00:00
Jean-François Micouleau
0a33cb45c1 implement:
LSA_ENUM_PRIVS
	LSA_PRIV_GET_DISPNAME
	LSA_ENUM_ACCOUNTS
	LSA_OPENACCOUNT
	LSA_ENUMPRIVSACCOUNT
	LSA_GETSYSTEMACCOUNT

It's a work in progress. nobody should expect it to work

	J.F.
(This used to be commit 3056357cd8)
2001-07-09 18:32:54 +00:00
Jeremy Allison
8d0b9cf534 Added LsaGetConnectedCredentials patch from Manoj Naik <manoj@almaden.ibm.com>.
Jeremy.
(This used to be commit 7079300da6)
2001-06-29 23:12:55 +00:00
Jeremy Allison
9a89a5b4fa Removed unused (and potentially crash-causing) free function.
Jeremy.
(This used to be commit 54ea00fa87)
2001-06-22 02:37:52 +00:00
Tim Potter
12ef6bc03e Fixed typo in comment.
(This used to be commit a8c49d1e60)
2001-05-08 04:00:01 +00:00
Jeremy Allison
da3053048c Merge of new 2.2 code into HEAD (Gerald I hate you :-) :-). Allows new SAMR
RPC code to merge with new passdb code.
Currently rpcclient doesn't compile. I'm working on it...
Jeremy.
(This used to be commit 0be41d5158)
2001-03-11 00:32:10 +00:00
Jeremy Allison
5265ce7837 Added total memory allocated counter to talloc, so we can tell if a talloc
pool is getting bloated. Also added a talloc_zero function to return zeroed memory.
Added debug in rpc_server/srv_pipe_hnd.c so we know when a talloc pool is being
freed. Syncup with srv_pipe_hnd.c from 2.2 so we are freeing memory at the same time.
Jeremy.
(This used to be commit d3a56c6042)
2001-02-27 19:22:02 +00:00
Jeremy Allison
683ccef0bd Started conversion of lsa server code to canonical format (as srv_reg and
srv_samr have been).
Jeremy.
(This used to be commit f434cda977)
2001-02-26 08:10:51 +00:00
David O'Neill
9ec19336e5 Changes from SAMBA_2_2:
- fix typo in cast from talloc
(This used to be commit f24aa0b51f)
2001-01-29 21:32:45 +00:00
Jeremy Allison
cf90dbd158 Fixed "object picker can't determine if object in domain" bug seen from W2K
clients. Did this by importing Samba-TNG code that correctly handles LSA
lookups.
*MANY* thanks to Luke, Sander, Elrond and the rest of the TNG gang !
Jeremy
(This used to be commit f76dc952f7)
2001-01-25 02:35:50 +00:00
David O'Neill
27922c0430 Changes from APPLIANCE_HEAD:
source/rpc_parse/parse_lsa.c
        - off by one unistr length bug in init_lsa_trans_name()

    source/lib/util_sid.c
        - resolve more BUILTIN sid values to names.

    source/nsswitch/wb_client.c
        - fix typo in debug message
        - set errno on error so we don't get bogus value from last failure.

    source/rpc_server/srv_spoolss_nt.c
        - add debug to track number of open printer handles for ease of
          tracking handle leaks in the future.

    source/rpc_server/srv_lsa.c
        - fix off-by-one string bug.  This was preventing NT from
          displaying names for well-know SIDs in printer permissions
          dialog.
(This used to be commit 59229b9025)
2001-01-15 18:36:50 +00:00
Tim Potter
13d99e3ea9 RPC server fixes for RPC client changes merged from TNG.
(This used to be commit 793153ebde)
2001-01-11 23:49:51 +00:00
Tim Potter
e29c028a44 General clean up. Merged routines for parsing enum_trust_dom rpc call.
(This used to be commit 54b34517ce)
2001-01-11 22:54:12 +00:00
Jeremy Allison
fb82ab78fe Never free anything in the rpc_parse/prs_XXX functions. Do it in the enclosing
function.
lib/util_unistr.c: Check lengths *before* reading source - prevent uninitialised
memory reads.
Jeremy.
(This used to be commit ce4f461965)
2000-12-15 23:02:01 +00:00
Jeremy Allison
369f5fd1d7 Fixed memory leaks in lsa_XX calls. Fixed memory leaks in smbcacls. Merged
in fixes from appliance-head and 2.2. Fixed multiple connection.tdb open
problem.
Jeremy.
(This used to be commit 0a40bc83e1)
2000-12-15 01:02:11 +00:00
Tim Potter
e43671cd57 Wrong length for unistr2 in init_q_lookup_names()
Removed some more static arrays and replaced with tallocated memory
blocks.
(This used to be commit 1db0f31ae0)
2000-12-13 11:53:37 +00:00
Jeremy Allison
20ac3fc77e Merged in Tim's changes : Removed static limit of MAX_LOOKUP_SIDS in rpc server and client
lsa_lookup_names() and lsa_lookup_sids().
Jeremy.
(This used to be commit 9e9c71c8b3)
2000-12-12 02:45:11 +00:00
Tim Potter
3478427f2e Port of lsa_lookup_sids() and lsa_lookup_names() rpc client functions from
TNG branch.

Re-instated lsa_lookup_sids and lsa_lookup_names functions in rpcclient.

This requires most samba binaries to link in another handful of object
files due to uncessary coupling between modules.  )-:
(This used to be commit 817819d0cc)
2000-12-08 03:34:00 +00:00
Jean-François Micouleau
85643cd72c last part of W2K support.
the trust domain list reply on netlogon pipe was wrong, interim hack until
we have full trust relationships.

changed some unistr2 to parse the ending NULL char.

added a prs_align_needed() function. much like a prs_align but with a
condition. needed for the unistr2 parsing.

	J.F.
(This used to be commit d8bf81553c)
2000-10-13 14:02:01 +00:00
Jeremy Allison
0fc271ea4a Some code moved back from TNG - updates to LSA stuff. Not yet used but
will be needed soon.
Jeremy.
(This used to be commit f0aa8f9314)
2000-09-20 22:07:56 +00:00
Andrew Tridgell
00e3fe1324 moved trans2.h and nterr.h into includes.h with all our other includes
(This used to be commit d7cd7c88fd)
2000-04-25 14:06:57 +00:00
Jeremy Allison
8f1620125d acconfig.h configure configure.in: Added check for UT_SYSLEN for utmp code.
include/byteorder.h: Added alignment macros.
include/nameserv.h: Added defines for msg_type field options - from rfc1002.
lib/time.c: Typo fix.
lib/util_unistr.c: Updates from UNICODE branch.
printing/nt_printing.c: bzero -> memset.
smbd/connection.c: Added check for UT_SYSLEN for utmp code.

Other fixes : Rollback of unapproved commit from Luke.
Please *ask* next time before doing large changes to HEAD.

Jeremy.
(This used to be commit f02999dbf7)
2000-03-22 19:03:12 +00:00
Luke Leighton
b89b75a368 added the following message to all dce/rpc client/server code, except
the spoolss code (it's cut from TNG) and the smb-dce/rpc interface
code that jeremy has been working up to TNG-functionality.

i also want this message to go into SAMBA_2_0 and SAMBA_2_0_RELEASE,
because it is intolerable that potentially good modifications be made
to code that is going to be thrown away, and people waste their time
fixing bugs and adding enhancements that have already been carried
out already, up to two years ago in the TNG branch.

/*
 * THIS CODE IS OUT-OF-DATE BY TWO YEARS, IS LEGACY DESIGN AND VERY, VERY,
 * INCOMPLETE.  PLEASE DO NOT MAKE ANY FURTHER ENHANCEMENTS TO THIS CODE
 * UNLESS THEY ARE ALSO CARRIED OUT IN THE SAMBA_TNG BRANCH.
 *
 * PLEASE DO NOT TREAT THIS CODE AS AUTHORITATIVE IN *ANY* WAY.
 *
 * REPEAT, PLEASE DO NOT MAKE ANY MODIFICATIONS TO THIS CODE WITHOUT
 * FIRST CHECKING THE EQUIVALENT MODULE IN SAMBA_TNG, UPDATING THAT
 * FIRST, *THEN* CONSIDER MAKING THE SAME MODIFICATION IN THIS BRANCH
 *
 * YOU WILL, ALMOST GUARANTEED, FIND THAT THE BUG-FIX OR ENHANCEMENT THAT
 * YOU THINK IS NECESSARY, HAS ALREADY BEEN IMPLEMENTED IN SAMBA_TNG.
 * IF IT HAS NOT, YOUR BUG-FIX OR ENHANCEMENT *MUST* GO INTO SAMBA_TNG
 * AS THE SAMBA_TNG CODE WILL REPLACE THIS MODULE WITHOUT REFERENCE TO
 * ANYTHING IN IT, WITH THE POSSIBLE RISK THAT THE BUG-FIX OR ENHANCEMENT
 * MAY BE LOST.
 *
 * PLEASE OBSERVE AND RESPECT THIS SIMPLE REQUEST.
 *
 * THANK YOU.
 *
 * lkcl@samba.org
 */
(This used to be commit cfaea90529)
2000-03-22 10:26:09 +00:00
Andrew Tridgell
3db52feb1f first pass at updating head branch to be to be the same as the SAMBA_2_0 branch
(This used to be commit 453a822a76)
1999-12-13 13:27:58 +00:00
Luke Leighton
4c4af2ba5e shuffling msrpc code around so that it can be used independently of rpcclient
(This used to be commit e88e7d529b)
1999-11-23 18:56:26 +00:00
Luke Leighton
e1820455c2 nt5rc2 falling over because the LsaQueryInfoPolicy() response _must_
have the string max length = string length + 1.

if not, then it gets its knickers in a twist over whether the string
is NULL-terminated or not.

four days.

four days i spent on this one.
(This used to be commit 9795e5948c)
1999-11-19 02:05:19 +00:00
Luke Leighton
7032daa887 added lsaenumdomains command.
attempting to get blood out of a stone^H^H^H^H^H^H^H^H^H^H^H^H^H^H^H^H^H
querysecret to work, it keeps returning access denied.
(This used to be commit 953fe6ba94)
1999-11-01 22:25:38 +00:00
Luke Leighton
4cda1d2b4f NetServerTransportEnum parsing, client-side and rpcclient "srvtransports" added.
(This used to be commit 37f4aac06f)
1999-10-30 22:34:38 +00:00
Luke Leighton
5612824426 - typecast malloc / Realloc issues.
- signed / unsigned issues.
(This used to be commit c8fd555179)
1999-10-25 19:03:27 +00:00
Luke Leighton
52fed795e1 turning some of the rpcclient functions dynamic. this is likely to
break a few things...
(This used to be commit 4b06f30323)
1999-10-21 18:25:12 +00:00
Luke Leighton
896ecb48ca return results on prs_xxxxx() and all xxx_io_xxx() routines.
the whole task is not complete, yet.  xxx_io_xxx() routines that
_call_ xxx_io_xxx() routines not done.

prs_xxxx() covered by macros.  considering doing xxx_io_xxxx in the same way.
(This used to be commit 3b583f7be5)
1999-10-15 18:46:22 +00:00
Luke Leighton
ddf33698b5 - initialising mach_passwd_file locks to zero (prev. uninit.)
- cleanup

- #defined report to sprintf as it's #defined to another function in
  other uses of cmd_lsarpc.c
(This used to be commit 8fb2ff247a)
1999-09-12 22:40:27 +00:00
Luke Leighton
d4de2b0ae3 matt, you had removed a "pointer" from DOM_R_REF structure which made it
possible to fix lsa_r_lookup_names, but forgot to add that pointer in
to lsa_r_lookup_sids, where DOM_R_REF was also being used.
(This used to be commit 9092368af8)
1999-03-24 21:09:34 +00:00
Luke Leighton
cd7c530f56 removed 2 unnecessary args from make_uni_hdr.
(This used to be commit f84dede27e)
1999-03-24 17:26:08 +00:00
Matthew Chapman
22ab15823f Fixed LSA Lookup Names. There were a few too many NULL pointers in a
negative response, which tended to crash lsass.exe.
(This used to be commit 6d03f61d25)
1999-03-24 12:18:28 +00:00
Luke Leighton
19e22bc8b6 value->enc_secret not value->secret
(This used to be commit d6cee14f80)
1999-03-19 21:15:03 +00:00
Matthew Chapman
e8ac69c168 Adding LSA_OPENSECRET (-> LsarOpenSecret) and LSA_QUERYSECRET
(-> LsarQuerySecret) on client side, including rpcclient command
"querysecret" for others to play with.

The major obstacle is working out the encryption algorithm used
for the secret value. It definitely uses the NT hash as part of the
key, and it seems the block size is 64 bits - probably DES based -
but I can't work out what's done in between. Help required.
(This used to be commit 365fa3b5fb)
1999-03-18 05:16:59 +00:00
Luke Leighton
748f296a76 removal of the use of unistrn2 function: replace it with unistr2_to_str
which is more appropriate.
(This used to be commit ac72fe1ab3)
1999-02-09 19:51:44 +00:00
Luke Leighton
0504d696f8 fix for potential lsass.exe crashing due to negative response from
LsaLookupNames being incorrect.  this is a bit wierd: why would the
lsass.exe on the nt _client_ crash due to an LsaLookupNames response
from a samba _server_?
(This used to be commit a15a3f95f2)
1998-12-20 00:37:24 +00:00
Luke Leighton
312f4f3960 - lib/unix_sec_ctxt.c
attempt at taking lib/uid.c and getting a unix security context
	change module that is independent of "cnums" and "snums".
	a security context is needed for pipes, not just IPC$ or other
	services.

- group database API

	added add_group/alias_member, del_group/alias_member,
	del_group/alias_entry functions.  del_builtin_entry() is
	deliberately set to NULL to cause an exception, you cannot
	delete builtin aliases.

- parse_lsa.c srv_lsa.c

	fixed lookup_names code, it was a load of trash and didn't do
	anything.

- cmd_samr.c rpcclient.c srv_samr.c

	added "deletegroup", "deletealias", "delaliasmem", "delgroupmem",
	"addgroupmem", "addaliasmem", "createalias", "creategroup", to
	both client and server code.

	server code calls into unix stubs right now, which don't actually
	do anything.  the only instance where they are expected to do
	anything is in appliance mode NOT even in the ldap code or anything.

	client code modified to call samr_lookup_names() for group code
	(because we can) and lsa_lookup_names() for alias code (because
	we have to).

- srv_lookup.c

	oops, lookup on unsplit name, we got lookup on DOMAIN, DOMAIN\name
	instead of DOMAIN, name.
(This used to be commit b8175702ef)
1998-12-07 17:23:48 +00:00
Luke Leighton
89c56492a8 - oops, i got "add alias member" and "delete alias member" swapped.
- samr_enum_dom_users, the first 4 bytes is some sort of garbage,
  nt5-beta2 clears them out to zeros whereas nt4 does not.
  fixed bug where we were assuming that the first 4 bytes of a
  response _had_ to be non-zero.

- cli_lsarpc.c: forgot to append the rid on the lsa_lookup_names()
  client call.

- added in "addaliasmem" and "addgroupmem" commands.  the addaliasmem
  command actually turned out to be a "delaliasmem" :-) :-)

- parse_lsa.c: moved assert array check to after the size of useable
  array space is set...
(This used to be commit 165b15a8ca)
1998-12-04 21:48:06 +00:00
Luke Leighton
5dd26daad5 query_aliasmem code. it works (hurrah).
(This used to be commit f7f2516df4)
1998-12-01 22:18:48 +00:00
Luke Leighton
59d4087160 LsaLookupNames client call (first used as lookupnames command in rpcclient).
(This used to be commit 68342a29a8)
1998-11-25 19:57:04 +00:00
Luke Leighton
74d539f557 - group database API. oops and oh dear, the threat has been carried out:
the pre-alpha "domain group" etc parameters have disappeared.

- interactive debug detection

- re-added mem_man (andrew's memory management, detects memory corruption)

- american spellings of "initialise" replaced with english spelling of
  "initialise".

- started on "lookup_name()" and "lookup_sid()" functions.  proper ones.

- moved lots of functions around.  created some modules of commonly used
  code.  e.g the password file locking code, which is used in groupfile.c
  and aliasfile.c and smbpass.c

- moved RID_TYPE_MASK up another bit.  this is really unfortunate, but
  there is no other "fast" way to identify users from groups from aliases.
  i do not believe that this code saves us anything (the multipliers)
  and puts us at a disadvantage (reduces the useable rid space).
  the designers of NT aren't silly: if they can get away with a user-
  interface-speed LsaLookupNames / LsaLookupSids, then so can we.  i
  spoke with isaac at the cifs conference, the only time for example that
  they do a security context check is on file create.  certainly not on
  individual file reads / writes, which would drastically hit their
  performance and ours, too.

- renamed myworkgroup to global_sam_name, amongst other things, when used
  in the rpc code.  there is also a global_member_name, as we are always
  responsible for a SAM database, the scope of which is limited by the role
  of the machine (e.g if a member of a workgroup, your SAM is for _local_
  logins only, and its name is the name of your server.  you even still
  have a SID.  see LsaQueryInfoPolicy, levels 3 and 5).

- updated functionality of groupname.c to be able to cope with names
  like DOMAIN\group and SERVER\alias.  used this code to be able to
  do aliases as well as groups.  this code may actually be better
  off being used in username mapping, too.

- created a connect to serverlist function in clientgen.c and used it
  in password.c

- initialisation in server.c depends on the role of the server.  well,
  it does now.

- rpctorture.  smbtorture.  EXERCISE EXTREME CAUTION.
(This used to be commit 0d21e1e609)
1998-11-17 16:19:04 +00:00
Luke Leighton
1e1c2ec93c rpcclient registry commands.
(This used to be commit 36fcb4a6e6)
1998-11-10 19:05:00 +00:00
Luke Leighton
cbd0b2ccf9 bug fix in lsa_trans_names.
well-known aliases S-1-5-20 is actually S-1-5-0x20 but sid_to_string does
decimal not hexadecimal oops.
(This used to be commit 4d830e2436)
1998-10-22 18:15:23 +00:00
Luke Leighton
a42afcdcc7 bug-fixing against:
AS/U:
      it returns dce/rpc "first" and "last" bits _clear_ in a bind/ack
      response, when they should be set in a (small) packet.  they also,
      in the bind/ack do not set a secondary address string at all, so
      we can't check against that...

Win95:
      client-side dce/rpc code is a bit odd.  it does a "WaitNamedPipeState"
      and has slightly different pipe-naming (\PIPE\LANMAN is joined by
      \PIPE\SRVSVC, \PIPE\WINREG etc whereas nt just has \PIPE\LANMAN
      and \PIPE\).

Win95-USRMGR.EXE:
      added LsaOpenPolicy (renamed existing to LsaOpenPolicy2).
      added SamrConnect (renamed existing to SamrConnect2).
(This used to be commit a7fccd807b)
1998-10-15 05:47:29 +00:00
Luke Leighton
d8f609aeeb lsa_lookup_sids command added. severe debugging needed on lookup_sids
code.  added "quality of service" capability to lsa_open_policy code.

different lsa_open_policy queries are *not* dealt with in the server code.
answers like "0xC000 0022" - access denied - will have to be made to
lsa_lookup_sids calls when a "quality of service" request is *not* specified
in the lsa_open_policy call.
(This used to be commit 299a723d4e)
1998-09-30 19:09:57 +00:00
Luke Leighton
66d5d73a5d added rpcclient program
(This used to be commit aa38f39d67)
1998-09-25 21:01:52 +00:00
Andrew Tridgell
e9ea36e4d2 tridge the destroyer returns!
prompted by the interpret_security() dead code that Jean-Francois
pointed out I added a make target "finddead" that finds potentially
dead (ie. unused) code. It spat out 304 function names ...

I went through these are deleted many of them, making others static
(finddead also reports functions that are used only in the local
file).

in doing this I have almost certainly deleted some useful code. I may
have even prevented compilation with some compile options. I
apologise. I decided it was better to get rid of this code now and add
back the one or two functions that are needed than to keep all this
baggage.

So, if I have done a bit too much "destroying" then let me know. Keep
the swearing to a minimum :)

One bit I didn't do is the ubibt code. Chris, can you look at that?
Heaps of unused functions there. Can they be made static?
(This used to be commit 2204475c87)
1998-09-05 05:07:05 +00:00
Jeremy Allison
8afc9c80ac Changed ASSERT macros to SMB_ASSERT macros as some systems already
have an ASSERT macro defined.
Jeremy.
(This used to be commit dbe6ad014a)
1998-08-24 21:49:10 +00:00
Andrew Tridgell
3f3f47b0bd added ASSERT() and ASSERT_ARRAY() macros and sprinkled them liberally
in the rpc code.
(This used to be commit e6ce1c5b5a)
1998-08-22 02:54:21 +00:00
Andrew Tridgell
b9623ab59e this is the bug change to using connection_struct* instead of cnum.
Connections[] is now a local array in server.c

I might have broken something with this change. In particular the
oplock code is suspect and some .dll files aren't being oplocked when
I expected them to be. I'll look at it after I've got some sleep.
(This used to be commit c7ee025ead)
1998-08-14 17:38:29 +00:00
Jeremy Allison
a4276507e4 chgpasswd.c: Added comments to #ifdefs
ipc.c: Caused samba password changing not to be done if UNIX password
       changing requested and not successful.
util.c: Added string_to_sid() and sid_to_string() functions.
lib/rpc/client/cli_samr.c:
lib/rpc/include/rpc_misc.h:
lib/rpc/parse/parse_lsa.c:
lib/rpc/parse/parse_misc.c:
lib/rpc/parse/parse_net.c:
lib/rpc/parse/parse_samr.c:
lib/rpc/server/srv_lsa.c:
lib/rpc/server/srv_lsa_hnd.c:
lib/rpc/server/srv_netlog.c:
lib/rpc/server/srv_samr.c:
lib/rpc/server/srv_util.c: Changes so that instead of passing SIDs
around as char *, they are converted to DOM_SID at the earliest
opportunity, and passed around as that. Also added dynamic memory
allocation of group sids. Preparing to auto-generate machine sid.
Jeremy.
(This used to be commit 134d6fa79c)
1998-05-14 01:30:40 +00:00
Jeremy Allison
f888868f46 This is a security audit change of the main source.
It removed all ocurrences of the following functions :

sprintf
strcpy
strcat

The replacements are slprintf, safe_strcpy and safe_strcat.

It should not be possible to use code in Samba that uses
sprintf, strcpy or strcat, only the safe_equivalents.

Once Andrew has fixed the slprintf implementation then
this code will be moved back to the 1.9.18 code stream.

Jeremy.
(This used to be commit 2d77445400)
1998-05-12 00:55:32 +00:00
Luke Leighton
f601e6e048 patches from jean francois: couple of minor bugs
(This used to be commit 532b3956c6)
1998-05-05 09:04:49 +00:00
Jeremy Allison
fdeea341ed "For I have laboured mightily on Luke's code, and hath broken
all I saw" - the book of Jeremy, chapter 1 :-).

So here is the mega-merge of the NTDOM branch server code.
It doesn't include the new client side pieces, we'll look
at that later.

This should give the same functionality, server wise, as
the NTDOM branch does, only merged into the main branch.

Any fixes to domain controler functionality should be
added to the main branch, not the NTDOM branch.

This code compiles without warnings on gcc2.8, but will
need further testing before we are sure all the working
functionality of the NTDOM server branch has been
correctly carried over.

I hereby declare the server side of the NTDOM branch
dead (and all who sail in her :-).

Jeremy.
(This used to be commit 118ba4d77a)
1998-03-11 21:11:04 +00:00