summaryrefslogtreecommitdiffstats
path: root/libcli
Commit message (Collapse)AuthorAgeFilesLines
...
* libcli-auth: Remove unnecessary dependency on libsamba-hostconfig.Jelmer Vernooij2010-10-111-2/+2
|
* Add some const. Needed for my SD work.Jeremy Allison2010-10-082-14/+14
| | | | Jeremy
* libcli/ldap: ldap_full_packet() requires at least 6 bytesStefan Metzmacher2010-10-041-0/+7
| | | | metze
* samba: share readline wrappers among all buildsystems.Günther Deschner2010-10-015-0/+346
| | | | Guenther
* libcli/ldap: correctly marshall LDAP Unbind PDUsStefan Metzmacher2010-09-271-0/+2
| | | | metze
* libcli/ldap: let ldap_full_packet() use asn1_peek_tag_needed_size()Stefan Metzmacher2010-09-261-1/+1
| | | | | | | This allows us to read a full packet without read byte after byte or possible read to much. metze
* libcli/util: let tstream_read_pdu_blob_* cope with variable length headersStefan Metzmacher2010-09-261-5/+13
| | | | metze
* libcli: fix compile warningSimo Sorce2010-09-231-0/+2
| | | | Signed-off-by: Günther Deschner <gd@samba.org>
* s4:libcli:smb2 Rename pending_id to async_id and make 64-bitSteven Danneman2010-09-221-1/+4
| | | | Match MS-SMB2 - 2.2.1.1 SMB2 Packet Header - ASYNC
* libcli/ldap Add const to ldap_encode_ndr_dom_sid()Andrew Bartlett2010-09-202-2/+2
| | | | Signed-off-by: Günther Deschner <gd@samba.org>
* libcli: add dom_sid_compare_domain()Günther Deschner2010-09-202-0/+20
| | | | Guenther
* werror: Add W_ERROR_HAVE_NO_MEMORY_AND_FREE() macroKamen Mazdrashki2010-09-181-0/+7
|
* libcli/auth/ntlmssp Be clear about talloc parents for session keysAndrew Bartlett2010-09-162-9/+7
| | | | | | | | | | The previous API was not clear as to who owned the returned session key. This fixes a valgrind-found use-after-free in the NTLMSSP key derivation code, and avoids making allocations - we steal and zero instead. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* cldap: prevent crashes when freeing cldap socketAndrew Tridgell2010-09-151-6/+15
| | | | | | | As a callback may destroy the cldap socket we need to ensure we don't reference the cldap structure after the callback Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* cldap: use ipv4 not up for unbound cldap socketsAndrew Tridgell2010-09-151-1/+5
| | | | | If we use "ip" we end up with a PF_INET6 socket which breaks sendto() for v4 addresses.
* s4-auth: set the RODC bit for RODC schannelAndrew Tridgell2010-09-151-0/+1
| | | | | | | | When we are using SEC_CHAN_RODC we need to set the NETLOGON_NEG_RODC_PASSTHROUGH bit in the negotiated flags in ServerAuthenticate2 Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* Fix string_to_sid() to allow non '\0' termination of the string - allowsJeremy Allison2010-09-141-11/+6
| | | | | | string_to_sid() to be used in formatted strings like FOO/S-1-5-XXXX-YYYY/BAR. Jeremy.
* libcli/security Use sid_append_rid() in dom_sid_append_rid()Andrew Bartlett2010-09-141-5/+5
| | | | | | | This ensures that the maximum number of sub-authorities is respected, otherwise we may run off the end of the array. Andrew Bartlett
* libcli/security Merge source3/ string_to_sid() to common codeAndrew Bartlett2010-09-141-37/+92
| | | | | | | | The source3 code repsects the limit of a maximum of 15 subauths, while the source4 code does not, creating a security issue as we parse string-form SIDs from clients. Andrew Bartlett
* ntlm_check: Fix some nonempty blank linesVolker Lendecke2010-09-131-21/+21
|
* libcli/auth/schannel_state_tdb.c - fix includesMatthias Dieter Wallnöfer2010-09-111-3/+1
| | | | Otherwise we get a "declared inside parameter list" warning.
* libcli/privileges Fix commentAndrew Bartlett2010-09-111-1/+1
|
* s4-privs Seperate rights and privilegesAndrew Bartlett2010-09-112-14/+60
| | | | | | | | | These are related, but slightly different concepts. The biggest difference is that rights are not enumerated as a system-wide list. This moves the rights to security.idl due to dependencies. Andrew Bartlett
* libcli/security Remove unused SE_NONE defineAndrew Bartlett2010-09-111-1/+0
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* libcli/security Move 'private' privileges functions to another headerAndrew Bartlett2010-09-113-24/+42
| | | | | | | | | These functions work on the bitmap, and are only exposed because the source3/ privileges storage uses the bitmap in account_policy.tdb Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* libcli/security Remove 'always true' return from se_priv_put_all_privilegesAndrew Bartlett2010-09-112-3/+2
| | | | | | Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* libcli/auth Failure to find the cached session key for SCHANNEL isn't level 0Andrew Bartlett2010-09-111-1/+1
| | | | | | | | | This happens all the time, particularly now that we don't keep the db around after a reboot. Don't scare the admins with the level 0. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* privileges: privilege luids are not all below 64Andrew Tridgell2010-09-111-3/+0
| | | | | | the ones brought across from s3 have higher values Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* libcli/security Make sec_privilege_from_index() return SEC_PRIV_INVALID on ↵Andrew Bartlett2010-09-111-1/+1
| | | | | | | | | | failure This is clearer and more consistent than using a magic -1 return Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* libcli/security Remove unused declarations from privileges.hAndrew Bartlett2010-09-111-51/+1
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* libcli/security Expose sec_privilege_mask()Andrew Bartlett2010-09-112-1/+6
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* libcli/security make sec_privilege_id() return SEC_PRIV_INVALID on failure.Andrew Bartlett2010-09-111-1/+1
| | | | | | Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* libcli/security Remove unused functions and constants.Andrew Bartlett2010-09-112-242/+14
| | | | | | | | All the callers to these functions have been removed or reworked. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* libcli/security Rename all privilege bitmaps constantsAndrew Bartlett2010-09-111-28/+28
| | | | | | | | | The idea here to to make it very clear how they differ from the enumerated LUID values. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* libcli/security Remove luid_to_se_priv() and luid_to_privilege_name()Andrew Bartlett2010-09-111-43/+4
| | | | | | | | These functions duplicate other functions in the merged code. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* libcli/security Improve dump of privileges: Just walk the tableAndrew Bartlett2010-09-111-5/+4
| | | | | | | | | This removes some logic recently added that was just too smart - it is easier to just walk the table and do a bit match here. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-privs Remove pointer indirection from se_priv_to_privilege_set()Andrew Bartlett2010-09-112-3/+3
| | | | | | Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* libcli/security Don't export privs[] as a global variableAndrew Bartlett2010-09-112-41/+27
| | | | | | | | | | | | Instead, provide access functions for the LSA and net sam callers for the information they need. They still only enumerate the first 8 privileges that have traditionally been exposed. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* libcli/security Merge privilege lists from source3 and source4Andrew Bartlett2010-09-111-169/+126
| | | | | | | | | The LSA enumeration in source3 will not show the new privileges, but otherwise, they are now in common, and can be set by name. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* libcli/security Return number of entries in the old source3 listAndrew Bartlett2010-09-111-3/+4
| | | | | | | | | This ensures there isn't a behaviour change when the source3 list is combined with the longer source4 list. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* libcli/privileges Simplify get_privilege_luid() to return just the enumAndrew Bartlett2010-09-112-9/+4
| | | | | | | | | As Samba only deals with the lower 32 bits of the LUID, just return those and let the LSA layer deal with the upper 0 bits. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* libcli/security Don't memcpy a uint64_t value, just assign it.Andrew Bartlett2010-09-111-1/+1
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* libcli/security Use ARRAY_SIZE() consistantly.Andrew Bartlett2010-09-111-15/+16
| | | | | | | | | This avoids the use of SE_END, and has all callers walking the array using the same termination condition. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* libcli/security Fix and clarify privilege manipulation function commentsAndrew Bartlett2010-09-111-9/+9
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* libcli/security Make the two privileges tables share a common struct definitionAndrew Bartlett2010-09-112-27/+22
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* libcli/security Move source4/ privileges code into the common libcli/securityAndrew Bartlett2010-09-113-4/+331
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-privs Move manual prototypes to common privileges.hAndrew Bartlett2010-09-111-0/+88
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-privs Inline dump_se_priv into callers now that it's just a uint64_tAndrew Bartlett2010-09-111-9/+0
| | | | | | | | The previous 128 bit structure needed this helper function. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* libcli/security Use talloc_realloc() not TALLOC_REALLOC_ARRAY()Andrew Bartlett2010-09-111-1/+1
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* libcli/security Use C99 typesAndrew Bartlett2010-09-111-3/+3
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
generated by cgit (git 2.34.1) at 2024-10-03 05:28:56 +0000