samba-mirror

mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00

History

Ralph Boehme a58b54a334 libcli/security: fix dom_sid_in_domain() Ensure the SID has exactly one component more then the domain SID, eg Domain SID: S-1-5-21-1-2-3 SID: S-1-5-21-1-2-3-4 This will return true. If the SID has more components, eg SID: S-1-5-21-1-2-3-4-5, or SID: S-1-5-21-1-2-3-4-5-6-7-8 dom_sid_in_domain() must return false. This was verified against Windows: lsa_LookupSids: struct lsa_LookupSids out: struct lsa_LookupSids domains : * domains : * domains: struct lsa_RefDomainList count : 0x00000002 (2) domains : * domains: ARRAY(2) domains: struct lsa_DomainInfo name: struct lsa_StringLarge length : 0x000e (14) size : 0x0010 (16) string : * string : 'BUILTIN' sid : * sid : S-1-5-32 domains: struct lsa_DomainInfo name: struct lsa_StringLarge length : 0x0012 (18) size : 0x0014 (20) string : * string : 'W4EDOM-L4' sid : * sid : S-1-5-21-278041429-3399921908-1452754838 max_size : 0x00000020 (32) names : * names: struct lsa_TransNameArray count : 0x00000004 (4) names : * names: ARRAY(4) names: struct lsa_TranslatedName sid_type : SID_NAME_USER (1) name: struct lsa_String length : 0x001a (26) size : 0x001a (26) string : * string : 'Administrator' sid_index : 0x00000001 (1) names: struct lsa_TranslatedName sid_type : SID_NAME_UNKNOWN (8) name: struct lsa_String length : 0x005c (92) size : 0x005e (94) string : * string : 'S-1-5-21-278041429-3399921908-1452754838-500-1' sid_index : 0xffffffff (4294967295) names: struct lsa_TranslatedName sid_type : SID_NAME_ALIAS (4) name: struct lsa_String length : 0x001c (28) size : 0x001c (28) string : * string : 'Administrators' sid_index : 0x00000000 (0) names: struct lsa_TranslatedName sid_type : SID_NAME_UNKNOWN (8) name: struct lsa_String length : 0x001c (28) size : 0x001e (30) string : * string : 'S-1-5-32-544-9' sid_index : 0xffffffff (4294967295) count : * count : 0x00000002 (2) result : STATUS_SOME_UNMAPPED Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Ralph Boehme <slow@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>		2017-04-12 01:41:14 +02:00
..
auth	libcli/auth: add netlogon_creds_cli_debug_string()	2017-02-21 16:09:21 +01:00
cldap	s3: cldap: cldap_multi_netlogon_send() fails with one bad IPv6 address.	2016-10-18 02:16:20 +02:00
dns	wscript: remove executable bits for all wscript* files	2017-01-11 20:21:01 +01:00
drsuapi	werror: replace WERR_SEC_E_DECRYPT_FAILURE with HRES_SEC_E_DECRYPT_FAILURE	2016-09-28 00:04:35 +02:00
echo	libcli/echo: validate the message length	2012-09-22 04:31:06 +02:00
ldap	typo: mplementation => implementation	2016-05-06 05:03:16 +02:00
lsarpc	libcli/lsarpc: add struct trustAuthInOutBlob; forward declaration	2014-04-02 09:03:42 +02:00
named_pipe_auth	named_pipe_auth: Rename client -> remote_client and server -> local_server	2017-03-29 02:37:28 +02:00
nbt	wscript: remove executable bits for all wscript* files	2017-01-11 20:21:01 +01:00
netlogon	libcli/netlogon: We need to handle a bug in FreeIPA (at least <= 4.1.2).	2015-01-05 17:01:08 +01:00
registry	build: Make util_reg subsystem in libcli/registry a library	2011-05-18 16:12:08 +02:00
samsync	libcli: Use "all_zero" where appropriate	2017-01-03 16:04:28 +01:00
security	libcli/security: fix dom_sid_in_domain()	2017-04-12 01:41:14 +02:00
smb	libcli: introduce smbXcli_conn_support_passthrough()	2017-03-28 17:45:19 +02:00
smbreadline	lib: smbreadline xfile->stdio	2016-12-11 11:17:24 +01:00
util	getncchanges: Return correct denied REPL_SECRET error code	2017-03-13 05:10:11 +01:00