summaryrefslogtreecommitdiffstats
path: root/source4/libcli/security
Commit message (Collapse)AuthorAgeFilesLines
* Change uint_t to unsigned int in source4Matt Kraai2010-02-021-1/+1
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s4-sddl: DRS replication needs REVISION_ADS for SDsAndrew Tridgell2010-01-021-1/+1
| | | | | DRS replication with w2k8-r2 fails with a schema mismatch error if we set the revision to NT4
* py/security: Add test for dom_sid.split.Jelmer Vernooij2009-12-311-3/+8
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* Fixed incorrect checking of PRINCIPAL_SELF permissions.Nadezhda Ivanova2009-12-171-3/+12
| | | | | | If an ace has the PRINCIPAL_SELF as trustee, this sid has to be replaced with the onjectSid of the object being checked. PRINCIPAL_SELF is the way to grant rights to an account over itself.
* s4:security/sddl - rework of the security descriptor abbreviationsMatthias Dieter Wallnöfer2009-11-271-28/+33
| | | | | - Reoder them - Add some new ones (needed for the security descriptor in the provision script)
* Fixed incorrect SID for RAS Servers.Nadezhda Ivanova2009-11-172-1/+2
|
* Fixed some major bugs in inheritance and access checks.Nadezhda Ivanova2009-11-151-13/+16
| | | | | | | | Fixed sd creation not working on LDAP modify. Fixed incorrect replacement of CO and CG. Fixed incorrect access check on modify for SD modification. Fixed failing sec_descriptor test and enabled it. Fixed failing sd add test in ldap.python
* Version 1.0 of the directory service acls module.Nadezhda Ivanova2009-11-052-47/+60
| | | | | | | At this point, support for checks on LDAP add, delete, rename and modify. Old kludge_acl is still there to handle the searches. This module is synchronous as the async version was impossible to debug, will be converted to async after some user testing.
* Fixed some missing flags and bugs in the security creation.Nadezhda Ivanova2009-11-031-11/+47
| | | | | Also, added some logging. It needs improvement, possibly ability to turn in on and off via configuration file.
* Fixed a bug in object specific access checks.Nadezhda Ivanova2009-11-031-2/+4
|
* s4:libcli/security/access_check - Add "const" in front of "type"Matthias Dieter Wallnöfer2009-10-221-1/+1
| | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4-acl: SEC_FLAG_MAXIMUM_ALLOWED doesn't auto-apply privilege access masksAndrew Tridgell2009-10-171-6/+2
|
* s4-security: honor more of the privilege access bitsAndrew Tridgell2009-10-171-4/+12
|
* s4: fix various warnings (not "const" related ones)Matthias Dieter Wallnöfer2009-10-021-3/+3
|
* s4-acl: fixed SD creationAndrew Tridgell2009-09-281-12/+22
| | | | | Thanks for Nadya and Metze for this. The SDs were being created with invalid fields (noticed by w2k8-r2 client when joining our domain)
* Fixed a dereferenced null pointer.Nadezhda Ivanova2009-09-241-16/+14
|
* Initial Implementation of the DS objects access checks.Nadezhda Ivanova2009-09-214-1/+252
| | | | | Currently disabled. The search will be greatly modified, also the object tree stuff will be simplified.
* Initial implementation of security descriptor creation in DSNadezhda Ivanova2009-09-201-4/+348
| | | | | TODO's: ACE sorting and clarifying the inheritance of object specific ace's.
* pyldb: Don't segfault when invalid type is specified to as_sddl and from_sddl.Matthieu Patou2009-09-171-0/+17
| | | | Fix bug #6723
* Owner and group defaulting.Nadezhda Ivanova2009-09-162-1/+118
| | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4-security: added a new security level SECURITY_DOMAIN_CONTROLLERAndrew Tridgell2009-09-152-0/+10
| | | | | This will be used as a simple way to lock down DRS replication to administrators and domain controllers
* Fix typoMatthias Dieter Wallnöfer2009-07-191-1/+1
|
* s4: Add additional 2-letter SID/RID mappings.Andrew Kroeger2009-05-291-0/+23
| | | | Information from http://msdn.microsoft.com/en-us/library/aa379602(VS.85).aspx
* s4: try to fix privileges implementation in order to pass the ↵Günther Deschner2009-05-201-1/+5
| | | | | | RPC-SAMR-USERS-PRIVILEGES test. Guenther
* Fix of a bug in the security.descriptor.as_sddl() methodnadezhda ivanova2009-04-231-0/+6
| | | | | | | | security.descriptor.as_sddl() method did not work correctly when invoked without supplying the domain sid. Returned the same value as when the sid was provided. Test added for this case in libcli/security/tests/bindings.py Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
* Move the security_descriptor utility code to the top-level.Jelmer Vernooij2009-04-213-535/+2
|
* Add a unit test for security_descriptor.as_sddl() without arguments.Jelmer Vernooij2009-04-201-0/+10
|
* display_sec: Move to common libcli/security directory.Jelmer Vernooij2009-03-251-2/+0
|
* Add header files for secace and secacl.Jelmer Vernooij2009-03-011-1/+2
|
* Move secacl to top-level.Jelmer Vernooij2009-03-011-1/+2
|
* Move secace.c to top-level.Jelmer Vernooij2009-03-011-1/+2
|
* shared: Move dom_sid_* utility functions to top levelKai Blin2009-02-013-308/+5
|
* Fix the mess with ldb includes.Simo Sorce2009-01-301-1/+0
| | | | | | | | Separate again the public from the private headers. Add a new header specific for modules. Also add service function for modules as now ldb_context and ldb_module are opaque structures for them.
* Implement as_sddl.Jelmer Vernooij2009-01-221-0/+10
|
* Support parsing sddl for security descriptors.Jelmer Vernooij2009-01-221-0/+8
|
* Fix more compiler warnings in various places.Jelmer Vernooij2008-12-231-1/+0
|
* Fix comparison in tests now that we use __cmp__ rather than __eq__.Jelmer Vernooij2008-12-211-2/+2
|
* Fix more tests, improve repr() functions for various Python types.Jelmer Vernooij2008-12-212-8/+8
|
* Simplify customization of pidl-generated Python modules.Jelmer Vernooij2008-12-211-16/+24
|
* Merge the rest of security.i into samba.dcerpc.security.Jelmer Vernooij2008-12-214-3701/+0
|
* Remove duplicate Python bindings for dom_sid, security_descriptor andJelmer Vernooij2008-12-213-1022/+40
| | | | security_token.
* Include errors.i verbatim in security.i, as it's the only file still using it.Jelmer Vernooij2008-12-211-1/+33
|
* Fix compiler warning when parsing a SID in a data blobAndrew Bartlett2008-12-201-1/+1
|
* Manually marshall dom_sid, so we can use a fixed size array forJelmer Vernooij2008-12-123-37/+1
| | | | | | | | | dom_sid.sub_auths rather than a dynamically allocated one. This makes it possible to use the same DCE/RPC object code for Samba 3 and Samba 4's DCE/RPC parsers and allows copying sids more easily (since they no longer contain any pointers). The cost of having additional manual marshalling code is limited (~35 additional lines of C code).
* s4:librpc/ndr: integrate NDR_MISC into LIBNDRStefan Metzmacher2008-11-161-1/+1
| | | | metze
* s4: libcli/security: a NULL DACL allows accessStefan Metzmacher2008-10-281-11/+2
| | | | | | This fixes bug 4284. metze
* Make Sid member variables accessible from Python.Jelmer Vernooij2008-09-303-0/+128
|
* fixed problem with ACLs with an empty DACL listAndrew Tridgell2008-09-231-1/+14
|
* Add test for Sid.__repr__.Jelmer Vernooij2008-09-191-0/+4
|
* Generate with 1.3.36.Jelmer Vernooij2008-09-182-31/+36
|
generated by cgit (git 2.34.1) at 2025-09-27 12:59:12 +0000