summaryrefslogtreecommitdiffstats
path: root/source/auth
Commit message (Collapse)AuthorAgeFilesLines
* r22822: merge vl's fix for BUG 4613Gerald Carter2007-05-131-0/+24
|
* r22650: sync up with SMABA_3_0_25 as of svn r22649Gerald Carter2007-05-031-10/+14
|
* r22434: sync from the 3.0.25 tree for rc2Gerald Carter2007-04-211-35/+7
|
* r21889: * Pull from SAMBA-3_0_25 svn r21888Gerald Carter2007-03-202-2/+3
| | | | * Set version to 3.0.25pre2
* r21585: Start syncing the monster that will become 3.0.25pre1Gerald Carter2007-02-2811-143/+318
| | | | | | | | Still todo: * release notes * few minor outstanding patches * additional idmap man pages
* r19018: staging for a 3.0.23d on Tuesday (I think we have sufficient changes ↵Gerald Carter2006-10-011-0/+1
| | | | to warrant one)
* r17913: saturn fixes from SAMBA_3_0_23Gerald Carter2006-08-291-7/+10
|
* r17751: add create_token_from_username() fixGerald Carter2006-08-231-1/+28
|
* r17727: Start pulling in changes for 3.0.23cGerald Carter2006-08-231-2/+25
|
* r17437: sync valid users and server signing fixesGerald Carter2006-08-071-2/+2
|
* r17400: grabbing latest changes from SAMBA_3_0_23 to help in testingGerald Carter2006-08-041-31/+25
|
* r17161: sync files from SAMBA_3_0_23 branchGerald Carter2006-07-201-1/+2
|
* r16915: grab vl's fix for BUG 3915Gerald Carter2006-07-101-44/+55
|
* r16863: Pull in a few changes from Guenther, Simo, & VolkerGerald Carter2006-07-071-1/+1
| | | | Update the release notes
* r16750: merge fix for BUG 3905Gerald Carter2006-07-011-3/+4
|
* r16674: After removing each individual post-3.0.23rc3 change:Gerald Carter2006-06-291-1/+1
| | | | | | | | | | | | | | This pulls is what I considered safe fixes from SAMBA_3_0. This boiled down to either Klocwork fixes or obvious compiler warning fixes. I did not include any changes to fnuction signatures not the version change to the passdb API. Also pulled in the 3 nmbd fixes requested by Jeremy and the wildcard delete fix. This code will sit for a few days in the cooker and then become 3.0.23 if nothing blows up. I don't care how many more compile warning fixes people throw into SAMBA_3_0.
* r16472: final pass for 3.0.23rc3 I think. Current with SAMBA_3_0 r16471Gerald Carter2006-06-221-0/+25
|
* r16254: pulling klocwork fixes for 3.0.23rc3 (current up to r16251)Gerald Carter2006-06-153-17/+67
|
* r16175: sync up with SAMBA_3_0 to release (r16156)Gerald Carter2006-06-131-5/+3
|
* r16104: Set version to 3.0.23rc2Gerald Carter2006-06-081-1/+1
| | | | | Bring release tree up to current 3.0 tree (svn merge -r15845:16103 $SVNURL/branches/SAMBA_3_0)
* r15837: starting sync up for 3.0.23rc1 (in sync with SAMBA_3_0 r15822)Gerald Carter2006-05-238-328/+63
|
* r15088: Remove all time() and gettimeofday() calls out of the mainlineJeremy Allison2006-04-151-3/+1
| | | | | | packet processing code. Only do these when needed (ie. in the idle timeout code). We drop an unneccessary global here too. Jeremy.
* r15086: Get defensive about creating user accounts when winbinddGerald Carter2006-04-141-2/+5
| | | | fails (but is present).
* r15053: fix portabilities issues between 32-bit winbind clients and a 64-bit ↵Gerald Carter2006-04-121-3/+3
| | | | winbindd server
* r14634: Many bug fixes thanks to train rides and overnight stays in airportsGerald Carter2006-03-221-2/+2
| | | | | | | | | | | | | | | | | | * Finally fix parsing idmap uid/gid ranges not to break with spaces surrounding the '-' * Allow local groups to renamed by adding info level 2 to _samr_set_aliasinfo() * Fix parsing bug in _samr_del_dom_alias() reply * Prevent root from being deleted via Samba * Prevent builting groups from being renamed or deleted * Fix bug in pdb_tdb that broke renaming user accounts * Make sure winbindd is running when trying to create the Administrators and Users BUILTIN groups automatically from smbd (and not just check the winbind nexted groups parameter value). * Have the top level rid allocator verify that the RID it is about to grant is not already assigned in our own SAM (retries up to 250 times). This fixes passdb with existing SIDs assigned to users from the RID algorithm but not monotonically allocating the RIDs from passdb.
* r14578: fix incorrect comment in fill_sam_account(). This function is ↵Gerald Carter2006-03-201-4/+1
| | | | called from multiple places now (krb5, winbindd auth and domain_client_validate()
* r14421: This does two thingsGerald Carter2006-03-151-0/+49
| | | | | | | | | | | | | * Automatically creates the BUILTIN\Users group similar to how BUILTIN\Administrators is done. This code does need to be cleaned up considerably. I'll continue to work on this. * The important fix is for getusergroups() when dealing with a local user and nested groups. Now I can run the following successfully: $ su - jerry -c groups users BUILTIN\users
* r14403: * modifies create_local_nt_token() to create a BUILTIN\AdministratorsGerald Carter2006-03-151-38/+97
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | group IFF sid_to_gid(S-1-5-32-544) fails and 'winbind nested groups = yes' * Add a SID domain to the group mapping enumeration passdb call to fix the checks for local and builtin groups. The SID can be NULL if you want the old semantics for internal maintenance. I only updated the tdb group mapping code. * remove any group mapping from the tdb that have a gid of -1 for better consistency with pdb_ldap.c. The fixes the problem with calling add_group_map() in the tdb code for unmapped groups which might have had a record present. * Ensure that we distinguish between groups in the BUILTIN and local machine domains via getgrnam() Other wise BUILTIN\Administrators & SERVER\Administrators would resolve to the same gid. * Doesn't strip the global_sam_name() from groups in the local machine's domain (this is required to work with 'winbind default domain' code) Still todo. * Fix fallback Administrators membership for root and domain Admins if nested groups = no or winbindd is not running * issues with "su - user -c 'groups'" command * There are a few outstanding issues with BUILTIN\Users that Windows apparently tends to assume. I worked around this presently with a manual group mapping but I do not think this is a good solution. So I'll probably add some similar as I did for Administrators.
* r14130: Remove make_server_info_pac alltogether, make_server_info_info3 doesGünther Deschner2006-03-101-89/+0
| | | | | | already do what we need. Guenther
* r14129: Add the group sids from the Kerberos PAC to the user token.Günther Deschner2006-03-101-1/+28
| | | | Guenther
* r14112: * fix checks on return code from register_vuid() which could actuallyGerald Carter2006-03-091-2/+0
| | | | | | | fail and we would still return success in the SMBsesssetup reply :-( * Make sure to create the local token for the server_fino struct in reply_spnego_kerberos() so that register_vuid() does not fail. (how did this ever work?)
* r14042: check that create_local_nt_token() succeeds before dereferncing the ↵Gerald Carter2006-03-081-0/+4
| | | | NT_USER_TOKEN*
* r13981: Fix Coverity bug # 138Volker Lendecke2006-03-071-1/+1
|
* r13711: * Correctly handle acb_info/acct_flags as uint32 not as uint16. Günther Deschner2006-02-272-2/+7
| | | | | | | | * Fix a couple of related parsing issues. * in the info3 reply in a samlogon, return the ACB-flags (instead of returning zero) Guenther
* r13706: Fix typo in typo fix. (-:Tim Potter2006-02-271-1/+1
|
* r13705: Fix a typo (and janitor for myself).Tim Potter2006-02-271-1/+1
|
* r13679: Commiting the rm_primary_group.patch posted on samba-technicalGerald Carter2006-02-241-5/+9
| | | | | | | | | | * ignore the primary group SID attribute from struct samu* * generate the primary group SID strictlky from the Unix primary group when dealing with passdb users * Fix memory leak in original patch caused by failing to free a talloc * * add wrapper around samu_set_unix() to prevent exposing the create BOOL to callers. Wrappers are samu_set_unix() and samu-allic_rid_unix()
* r13590: * replace all pdb_init_sam[_talloc]() calls with samu_new()Gerald Carter2006-02-214-39/+46
| | | | * replace all pdb_{init,fill}_sam_pw() calls with samu_set_unix()
* r13576: This is the beginnings of moving the SAM_ACCOUNT data structure Gerald Carter2006-02-205-54/+55
| | | | | | | | | | | | | | | | | | | | | | | to make full use of the new talloc() interface. Discussed with Volker and Jeremy. * remove the internal mem_ctx and simply use the talloc() structure as the context. * replace the internal free_fn() with a talloc_destructor() function * remove the unnecessary private nested structure * rename SAM_ACCOUNT to 'struct samu' to indicate the current an upcoming changes. Groups will most likely be replaced with a 'struct samg' in the future. Note that there are now passbd API changes. And for the most part, the wrapper functions remain the same. While this code has been tested on tdb and ldap based Samba PDC's as well as Samba member servers, there are probably still some bugs. The code also needs more testing under valgrind to ensure it's not leaking memory. But it's a start......
* r13571: Replace all calls to talloc_free() with thye TALLOC_FREE()Gerald Carter2006-02-204-18/+18
| | | | macro which sets the freed pointer to NULL.
* r13541: we have to wrap pen_enum_group_memberships() in become/unbecome_root()Gerald Carter2006-02-171-1/+5
| | | | | blocks. This fixes the problem I had with missing groups in the net_samlogon() reply from a Samba PDC.
* r13494: Merge the stuff I've done in head the last days.Volker Lendecke2006-02-131-0/+66
| | | | Volker
* r13460: by popular demand....Gerald Carter2006-02-111-46/+8
| | | | | | | | | * remove pdb_context data structure * set default group for DOMAIN_RID_GUEST user as RID 513 (just like Windows) * Allow RID 513 to resolve to always resolve to a name * Remove auto mapping of guest account primary group given the previous 2 changes
* r13382: added server affinity cache stores for 'net rpc join' and trusted ↵Gerald Carter2006-02-081-0/+4
| | | | domain code
* r13316: Let the carnage begin....Gerald Carter2006-02-0312-825/+979
| | | | Sync with trunk as off r13315
* r12522: Try and fix bug #2926 by removing setlocale(LC_ALL, "C")Jeremy Allison2005-12-271-2/+2
| | | | | | and replace calls to isupper/islower/toupper/tolower with ASCII equivalents (mapping into _w variants). Jeremy.
* r12313: Introduce yet another copy of the string_sub function:Volker Lendecke2005-12-181-12/+15
| | | | | | | | | | talloc_string_sub. Someone with time on his hands could convert all the callers of all_string_sub to this. realloc_string_sub is *only* called from within substitute.c, it could be moved there I think. Volker
* r12279: unix_mask_match has been broken for *ever*... (How).Jeremy Allison2005-12-161-2/+2
| | | | | | | | Ensure it returns a BOOL. Jerry (and anyone else) please check this, I think all uses are now correct but could do with another set of eyes. Essential for 3.0.21 release. Jeremy.
* r12174: Simple patch to work around the current lack of BUILTINGerald Carter2005-12-111-3/+53
| | | | | | | | | | | | | nested group support. Always add the BUILTIN\Administrators SID to a Domain Admins token. This solves the extra steps of establishing a group map for the local Administrators SID in order to control services. Windows also tends to expect the Administrators group to be usable when setting up security permissions on shares. Volker's work will probably fix this long term, but this gets us past some of the setup hurdles for 3.0.21.
* r12051: Merge across the lookup_name and lookup_sid work. Lets see how the ↵Volker Lendecke2005-12-031-5/+2
| | | | | | | | build farm reacts :-) Volker
generated by cgit (git 2.34.1) at 2025-09-27 06:46:51 +0000