summaryrefslogtreecommitdiffstats
path: root/source4/libcli/security
Commit message (Collapse)AuthorAgeFilesLines
* s4-auth Move libcli/security/session.c to the top levelAndrew Bartlett2011-02-223-107/+0
| | | | | | | This code is now useful in common, as the elements of the auth_session_info structure have now been defined in common IDL. Andrew Bartlett
* s4-smbtorture: Make test names lowercase and dot-separated.Jelmer Vernooij2010-12-111-1/+1
| | | | | | | | This is consistent with the test names used by selftest, should make the names less confusing and easier to integrate with other tools. Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Sat Dec 11 04:16:13 CET 2010 on sn-devel-104
* s4:libcli/security/session.h - fix include ordering for "enum ↵Matthias Dieter Wallnöfer2010-11-271-2/+2
| | | | security_user_level"
* s4: Remove the old perl/m4/make/mk-based build system.Jelmer Vernooij2010-10-311-8/+0
| | | | | | | | The new waf-based build system now has all the same functionality, and the old build system has been broken for quite some time. Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Sun Oct 31 02:01:44 UTC 2010 on sn-devel-104
* waf: Stop automaticaly changing dashes to underscores in library names.Jelmer Vernooij2010-10-261-1/+1
|
* s4: Drop duplicate 'lib' prefix for private libraries.Jelmer Vernooij2010-10-261-2/+2
|
* s4: Rename LIBSECURITY{_SESSION,} to libsecurity{_session,}Jelmer Vernooij2010-10-241-6/+6
|
* s4-libcli: make LIBSECURITY_SESSION a private libraryAndrew Tridgell2010-10-211-5/+6
|
* libcli/auth Merge source4/libcli/security and util_sid.c into the common codeAndrew Bartlett2010-10-144-854/+1
| | | | | | | | | This should ensure we only have one copy of these core functions in the tree. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s4-acl Merge sec_access_check() with se_access_check() from source3/Andrew Bartlett2010-10-141-2/+16
| | | | | | Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* libcli/security Provide a common, top level libcli/security/security.hAndrew Bartlett2010-10-121-45/+0
| | | | | | | | | | | | | | This will reduce the noise from merges of the rest of the libcli/security code, without this commit changing what code is actually used. This includes (along with other security headers) dom_sid.h and security_token.h Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
* s4-libcli/security Use seperate subsystem for session related functionsAndrew Bartlett2010-10-124-12/+41
| | | | | | | | The merged I plan in this area require spliting security.h into two header files, a common header and a session.h for the remaining source4-specific code. Andrew Bartlett
* libcli/security Move most of security_token.c to common code.Andrew Bartlett2010-10-124-182/+66
| | | | | | The source4-specific session_info functions have been left in session.c Andrew Bartlett
* s4-selftest: Move more tests to scripting/python, simplifies running of tests.Jelmer Vernooij2010-09-211-143/+0
|
* libcli/security Use talloc_zero when making a struct security_tokenAndrew Bartlett2010-09-111-5/+1
|
* libcli/security Move source4/ privileges code into the common libcli/securityAndrew Bartlett2010-09-113-310/+2
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s4-privs Add a lookup by index of privilagesAndrew Bartlett2010-09-111-0/+11
| | | | | | | | | Now that privileges are no longer given luid values sequentially, we need another way to look them up for enumeration. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* privs Add my CopyrightAndrew Bartlett2010-09-111-0/+1
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s4-privs Remove link between enum sec_privilege and the privilege bitmapAndrew Bartlett2010-09-111-17/+69
| | | | | | | | | | | This allows us to set the enum sec_privilege constants to the LUID values that are seen from windows, which we need to match, in order to preserve the support for the NT Print Migrator tool after a merge with the source3/ privileges code. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s4:libcli/security/*.c - fix some wrong typed countersMatthias Dieter Wallnöfer2010-09-093-10/+7
| | | | According to "librpc/gen_ndr/security.h" they need to be "uint32_t".
* s4:security Change struct security_token->sids from struct dom_sid * to ↵Andrew Bartlett2010-08-232-7/+7
| | | | | | | | | struct dom_sid This makes the structure much more like NT_USER_TOKEN in the source3/ code. (The remaining changes are that privilages still need to be merged) Andrew Bartlett
* s4:security Remove use of user_sid and group_sid from struct security_tokenAndrew Bartlett2010-08-182-8/+7
| | | | This makes the structure more like Samba3's NT_USER_TOKEN
* s4:security Bring in #defines for the user and primary group token locationAndrew Bartlett2010-08-181-0/+3
| | | | | | | | This will allow us to stop duplicating the user and primary group SID in the struct security_token, and therefore make it more like the NT_USER_TOKEN in Samba3. Andrew Bartlett
* s4-drs: fixed check for SECURITY_RO_DOMAIN_CONTROLLERAndrew Tridgell2010-08-171-6/+6
| | | | | | check more than the user_sid, and also check for the right rid value Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* python: Use samba.tests.TestCase, make sure base class tearDown andJelmer Vernooij2010-06-191-10/+18
| | | | setUp methods are called, fix formatting.
* s4-drs: added new SECURITY_RO_DOMAIN_CONTROLLER levelAndrew Tridgell2010-04-222-6/+18
| | | | | | | | | | | This is used for allowing operations by RODCs, and denying them operations that should only be allowed for a full DC This required a new domain_sid argument to security_session_user_level() Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-With: Rusty Russell <rusty@samba.org>
* Removed more excess looping and fixed problem with incorrect IO flag handling.Nadezhda Ivanova2010-04-201-126/+81
|
* A bit of refactoring in the SD creation code.Nadezhda Ivanova2010-04-151-127/+71
|
* s4-waf: removed the AUTOGENERATED markersAndrew Tridgell2010-04-061-4/+0
| | | | we won't be using the mk -> wscript generator again
* s4-waf: mark the wscript files as python so vim/emacs knows how to highlight ↵Andrew Tridgell2010-04-061-0/+2
| | | | them
* build: waf quicktest nearly worksAndrew Tridgell2010-04-061-1/+1
| | | | | Rewrote wafsamba using a new dependency handling system, and started adding the waf test code
* build: commit all the waf build files in the treeAndrew Tridgell2010-04-061-0/+10
|
* python: use '#!/usr/bin/env python' to cope with varying install locationsAndrew Tridgell2010-03-251-1/+1
| | | | this should be much more portable
* Missing include guard in source4/libcli/security/security.hJeremy Allison2010-03-241-0/+5
| | | | Jeremy.
* s4:move the sddl code down to the top levelMichael Adam2010-03-033-627/+2
| | | | Michael
* Change uint_t to unsigned int in source4Matt Kraai2010-02-021-1/+1
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s4-sddl: DRS replication needs REVISION_ADS for SDsAndrew Tridgell2010-01-021-1/+1
| | | | | DRS replication with w2k8-r2 fails with a schema mismatch error if we set the revision to NT4
* py/security: Add test for dom_sid.split.Jelmer Vernooij2009-12-311-3/+8
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* Fixed incorrect checking of PRINCIPAL_SELF permissions.Nadezhda Ivanova2009-12-171-3/+12
| | | | | | If an ace has the PRINCIPAL_SELF as trustee, this sid has to be replaced with the onjectSid of the object being checked. PRINCIPAL_SELF is the way to grant rights to an account over itself.
* s4:security/sddl - rework of the security descriptor abbreviationsMatthias Dieter Wallnöfer2009-11-271-28/+33
| | | | | - Reoder them - Add some new ones (needed for the security descriptor in the provision script)
* Fixed incorrect SID for RAS Servers.Nadezhda Ivanova2009-11-172-1/+2
|
* Fixed some major bugs in inheritance and access checks.Nadezhda Ivanova2009-11-151-13/+16
| | | | | | | | Fixed sd creation not working on LDAP modify. Fixed incorrect replacement of CO and CG. Fixed incorrect access check on modify for SD modification. Fixed failing sec_descriptor test and enabled it. Fixed failing sd add test in ldap.python
* Version 1.0 of the directory service acls module.Nadezhda Ivanova2009-11-052-47/+60
| | | | | | | At this point, support for checks on LDAP add, delete, rename and modify. Old kludge_acl is still there to handle the searches. This module is synchronous as the async version was impossible to debug, will be converted to async after some user testing.
* Fixed some missing flags and bugs in the security creation.Nadezhda Ivanova2009-11-031-11/+47
| | | | | Also, added some logging. It needs improvement, possibly ability to turn in on and off via configuration file.
* Fixed a bug in object specific access checks.Nadezhda Ivanova2009-11-031-2/+4
|
* s4:libcli/security/access_check - Add "const" in front of "type"Matthias Dieter Wallnöfer2009-10-221-1/+1
| | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4-acl: SEC_FLAG_MAXIMUM_ALLOWED doesn't auto-apply privilege access masksAndrew Tridgell2009-10-171-6/+2
|
* s4-security: honor more of the privilege access bitsAndrew Tridgell2009-10-171-4/+12
|
* s4: fix various warnings (not "const" related ones)Matthias Dieter Wallnöfer2009-10-021-3/+3
|
* s4-acl: fixed SD creationAndrew Tridgell2009-09-281-12/+22
| | | | | Thanks for Nadya and Metze for this. The SDs were being created with invalid fields (noticed by w2k8-r2 client when joining our domain)
generated by cgit (git 2.34.1) at 2025-08-28 16:27:09 +0000