summaryrefslogtreecommitdiffstats
path: root/source3/lib
Commit message (Collapse)AuthorAgeFilesLines
...
* Ensure incoming timespec values correctly wrap at nsecs.Jeremy Allison2010-09-141-0/+4
| | | | Jeremy.
* s3-util_sid Use the NDR parser to parse struct dom_sidAndrew Bartlett2010-09-141-14/+8
| | | | | | | The manual parser failed to constrain the maximum number of sub-authorities to 15, allowing an overflow of the array. Andrew Bartlett
* libcli/security Merge source3/ string_to_sid() to common codeAndrew Bartlett2010-09-141-106/+0
| | | | | | | | The source3 code repsects the limit of a maximum of 15 subauths, while the source4 code does not, creating a security issue as we parse string-form SIDs from clients. Andrew Bartlett
* s3-util_sid use ARRAY_SIZE() to ensure we never overflow the dom_sidAndrew Bartlett2010-09-141-1/+1
| | | | | | | This ensures that this, unlike the MAXSUBAUTHS macro, can't get out of sync with the structure. Andrew Bartlett
* s3-util_sid Accept S-1-5 as a SIDAndrew Bartlett2010-09-141-2/+10
|
* s3-dom_sid Use C99 types in dom_sid handlingAndrew Bartlett2010-09-141-7/+7
| | | | Andrew Bartlett
* s3/profiling: don't use CLOCK_PROCESS_CPUTIME_IDBjörn Jacke2010-09-141-17/+0
| | | | that clock is a CPU burnometer but we need a chronometer for profiling.
* libcli/security Move 'private' privileges functions to another headerAndrew Bartlett2010-09-111-0/+1
| | | | | | | | | These functions work on the bitmap, and are only exposed because the source3/ privileges storage uses the bitmap in account_policy.tdb Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* libcli/security Remove 'always true' return from se_priv_put_all_privilegesAndrew Bartlett2010-09-111-3/+1
| | | | | | Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-util_sid Tidy up global struct security_tokenAndrew Bartlett2010-09-112-14/+6
| | | | | | | | | This no longer needs to be global, and should be const. We now also init it with the C99 style initialisers. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-privs Add constAndrew Bartlett2010-09-111-3/+3
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-privs Remove extra pointer on privilege maskAndrew Bartlett2010-09-111-4/+4
| | | | | | Now that this is a scalar, this isn't required. Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-privileges: add handling of both old and new formats in databaseAndrew Tridgell2010-09-111-28/+48
| | | | | | | | | | We update privileges on a per-record basis instead of all at once, as this maintains maximum compatibility is someone uses old tools with a new version of Samba. The also auto-detects the byte order of the old entries in the database, and copes with either native or reversed byte order. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s3-privs Remove unused functionAndrew Bartlett2010-09-111-30/+0
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-privs Overhaul PRIVILEGE_SET handling, avoid dealing with the bitmapAndrew Bartlett2010-09-111-50/+17
| | | | | | | | | | This avoids us dealing with the privilege bitmap in the LSA server, and overhauls much of the rest of the handling to be currnet with the modern world of talloc. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-privs Hide the bitmap-based grant_privilege and revoke_privilegeAndrew Bartlett2010-09-111-7/+33
| | | | | | | | | The new wrappers avoid anything but the core privileges code dealing with the bitmap values directly. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-privs Make privilege_enum_sids() take an LUID, not a bitmapAndrew Bartlett2010-09-111-2/+2
| | | | | | | | This moves one more privileges call away from direct bitmap manipuation. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-privs Rework privilege enumeration to also use new DB formatAndrew Bartlett2010-09-111-5/+18
| | | | | | Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-privs Directly manipulate the privileges bitmap.Andrew Bartlett2010-09-112-13/+6
| | | | | | | | | There is no longer any reason to go via the se_ functions to manipulate this bitmap. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-privs Convert from user_has_privileges() -> security_token_has_privilege()Andrew Bartlett2010-09-111-2/+2
| | | | | | | | | This new call is available in the merged privileges code, and takes an enum as the parameter, rather than a bitmask. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-privs Remove a pointer from grant_privilege()Andrew Bartlett2010-09-111-7/+7
| | | | | | Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-privs Remove a pointer indirection from revoke_privilege()Andrew Bartlett2010-09-111-4/+4
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-privs Inline dump_se_priv into callers now that it's just a uint64_tAndrew Bartlett2010-09-111-10/+6
| | | | | | | | The previous 128 bit structure needed this helper function. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-privs Move source3/ privileges implmentation into commonAndrew Bartlett2010-09-111-458/+0
| | | | | | Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-privs Rename structure elements for greater clarityAndrew Bartlett2010-09-111-9/+9
| | | | | | | | | It is important to make clear which is the LUID and which is the Samba-only bitmap mask. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-privs More clarity in variable namesAndrew Bartlett2010-09-111-4/+4
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-privs Rename mask -> privilege_mask to be more clearAndrew Bartlett2010-09-111-26/+26
| | | | | | | | | After SE_PRIV was removed, it became less clear what these parameters were for. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3:auth Remove NT_USER_TOKENAndrew Bartlett2010-09-115-14/+14
| | | | | | | | | The all UPPER case typedef is no longer the preferred Samba style and this makes it easier to see that this is the IDL-derivied structure Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-auth Change struct nt_user_token -> struct security_tokenAndrew Bartlett2010-09-112-7/+7
| | | | | | | | This common structure is defined in security.idl Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-auth Change type of num_sids to uint32_tAndrew Bartlett2010-09-113-7/+7
| | | | | | | | | | | | | | size_t is overkill here, and in struct security_token in the num_sids is uint32_t. This includes a change to the prototype of add_sid_to_array() and add_sid_to_array_unique(), which has had a number of consequnetial changes as I try to sort out all the callers using a pointer to the number of sids. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-privs Only store low bits of luid in privileges tableAndrew Bartlett2010-09-111-17/+19
| | | | | | | | Samba only uses the low bits, and this makes the code simpler. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* privs Add my CopyrightAndrew Bartlett2010-09-111-0/+1
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-privs Remove comment already moved to security.idlAndrew Bartlett2010-09-111-41/+0
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-privs Use constants from security.idlAndrew Bartlett2010-09-111-9/+9
| | | | | | | | The values in security.idl have been updated to match these. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-privs Further changes to remove SE_PRIVAndrew Bartlett2010-09-111-48/+48
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3:privs Change to new host endian neutral privilages tdb formatAndrew Bartlett2010-09-111-3/+16
| | | | | | | | | | | | | These values are stored in account_policy.tdb, and the old format, using a 128 bit bitmap was not endian neutral. The previous endian-dependent format was introduced in 46e5effea948931509283cb84b27007d34b521c8 replacing a 32 bit number which was used at the time. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3:Change SE_PRIV to uint64_tAndrew Bartlett2010-09-111-20/+20
| | | | | | | | This removes the SE_PRIV typedef Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3:privileges Change SE_PRIV to be just a uint64_tAndrew Bartlett2010-09-111-24/+5
| | | | | | | | | | | | We don't need 128 possible privileges here, as we only use 12. This reverts some of 46e5effea948931509283cb84b27007d34b521c8 by Jerry back in 2005, where he introduced the SE_PRIV structure to replace the uint32_t used at the time. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* Fox missing SMB_MALLOC return checks noticed by "Andreas Moroder ↵Jeremy Allison2010-09-092-0/+13
| | | | | | <andreas.moroder@gmx.net>". Jeremy.
* Fix warnings caused by double ";;" at the end of the time_mono() fixes.Jeremy Allison2010-09-081-3/+3
|
* s3/ldap: use monotonic clock for timeouts in smbldapBjörn Jacke2010-09-081-17/+23
| | | | | tevent would need monotonic clock features to make also smbldap's idle handling aware of backward clock jumps. Other areas in smbldap are clock jump save now.
* s3-param: added lp_set_cmdline() and --option= parameterAndrew Tridgell2010-09-021-0/+10
| | | | Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s3-ctdb: ctdbd_init_connection() is static to this file.Günther Deschner2010-09-011-8/+0
| | | | Guenther
* s3: messaging_ctdbd_connection() was only called with procid_self()Volker Lendecke2010-08-314-18/+12
| | | | Eventually we'll get this right...
* s3: messaging_ctdbd_init potentially modifies my_vnnVolker Lendecke2010-08-311-0/+1
| | | | | | | | If we call messaging_ctdbd_connection() we end up with the wrong vnn in our messaging context. This is a bit of a hack, get_my_vnn() needs to go eventually along with procid_self()
* s3: Make ctdbd_init_connection staticVolker Lendecke2010-08-311-2/+2
|
* s3: use monotonic time in timeout of sys_select_intr()Björn Jacke2010-08-311-10/+11
|
* s3: use clock_gettime() in timespec_current()Björn Jacke2010-08-311-4/+1
|
* s3-auth Rename NT_USER_TOKEN privileges -> privilege_maskAndrew Bartlett2010-08-312-6/+6
| | | | | | This is closer to the struct security_token from security.idl Andrew Bartlett
* s3-auth Rename NT_USER_TOKEN user_sids -> sidsAndrew Bartlett2010-08-312-10/+10
| | | | This is closer to the struct security_token from security.idl
generated by cgit (git 2.34.1) at 2025-09-27 04:49:49 +0000