samba.git/source4/auth/system_session.c, branch talloc-2.1.2 Unnamed repository; edit this file 'description' to name the repository. s4: fix wrong index usage PRIMARY_USER_SID_INDEX when it should have been PRIMARY_GROUP_SID_INDEX 2011-06-19T21:21:08+00:00 Matthieu Patou mat@matws.net 2011-06-13T20:27:07+00:00 245b27774995b6ee8aef4b14bb3dc5518fc733d1 The system account was instanciated with wrong user an group SIDs, group sid resulted being just the domain SID. Bug seems to date from fbe6d155bf177c610ee549cc534650b0f0700e8a. Andrew (B.) please check. 
The system account was instanciated with wrong user an group SIDs, group
sid resulted being just the domain SID.
Bug seems to date from fbe6d155bf177c610ee549cc534650b0f0700e8a.

Andrew (B.) please check.
s4:auth/system_session.c - check for OOM 2011-03-22T18:04:41+00:00 Matthias Dieter Wallnöfer mdw@samba.org 2011-03-21T09:25:09+00:00 bd25bc133a2a6f2b4d755b6d3ea83c956a60e3af Reviewed-by: Jelmer 
Reviewed-by: Jelmer
s4-auth Rework auth subsystem to remove struct auth_serversupplied_info 2011-02-09T00:11:06+00:00 Andrew Bartlett abartlet@samba.org 2011-02-08T05:53:13+00:00 a2ce53c1f5301ffcf990dbab837c328ea22739b6 This changes auth_serversupplied_info into the IDL-defined struct auth_user_info_dc. This then in turn contains a struct auth_user_info, which is the only part of the structure that is mainted into the struct session_info. The idea here is to avoid keeping the incomplete results of the authentication (such as session keys, lists of SID memberships etc) in a namespace where it may be confused for the finalised results. Andrew Barltett 
This changes auth_serversupplied_info into the IDL-defined struct
auth_user_info_dc.  This then in turn contains a struct
auth_user_info, which is the only part of the structure that is
mainted into the struct session_info.

The idea here is to avoid keeping the incomplete results of the
authentication (such as session keys, lists of SID memberships etc) in
a namespace where it may be confused for the finalised results.

Andrew Barltett
s4-auth Remove special case for account_sid from auth_serversupplied_info 2011-01-20T22:44:05+00:00 Andrew Bartlett abartlet@samba.org 2011-01-20T12:39:37+00:00 fbe6d155bf177c610ee549cc534650b0f0700e8a This makes everything reference a server_info->sids list, which is now a struct dom_sid *, not a struct dom_sid **. This is in keeping with the other sid lists in the security_token etc. In the process, I also tidy up the talloc tree (move more structures under their logical parents) and check for some possible overflows in situations with a pathological number of sids. Andrew Bartlett 
This makes everything reference a server_info->sids list, which is now
a struct dom_sid *, not a struct dom_sid **.  This is in keeping with
the other sid lists in the security_token etc.

In the process, I also tidy up the talloc tree (move more structures
under their logical parents) and check for some possible overflows in
situations with a pathological number of sids.

Andrew Bartlett
s4-auth Remove duplicate copies of session_info creation code 2010-12-21T04:10:38+00:00 Andrew Bartlett abartlet@samba.org 2010-12-21T00:43:04+00:00 6f7423c7f1cc3a4596a955a90f315ffbf1025c3b We now just do or do not call into LDB based on some flags. This means there may be some more link time dependencies, but we seem to deal with those better now. Andrew Bartlett 
We now just do or do not call into LDB based on some flags.

This means there may be some more link time dependencies, but we seem
to deal with those better now.

Andrew Bartlett
s4-auth rework session_info handling not to require an auth context 2010-12-21T04:10:38+00:00 Andrew Bartlett abartlet@samba.org 2010-12-20T23:19:53+00:00 1961d7a4119200b8a4ad7b0207e0cdcf2e10d3f8 This reverts a previous move to have this based around the auth subsystem, which just spread auth deps all over unrelated code. Andrew Bartlett 
This reverts a previous move to have this based around the auth
subsystem, which just spread auth deps all over unrelated code.

Andrew Bartlett
s4:security Change struct security_token->sids from struct dom_sid * to struct dom_sid 2010-08-22T22:50:55+00:00 Andrew Bartlett abartlet@samba.org 2010-08-20T02:15:15+00:00 6cf29b3e4f3880882eb7df45dbcfaf7bd2b8d9f4 This makes the structure much more like NT_USER_TOKEN in the source3/ code. (The remaining changes are that privilages still need to be merged) Andrew Bartlett 
This makes the structure much more like NT_USER_TOKEN in the source3/
code.  (The remaining changes are that privilages still need to be merged)

Andrew Bartlett
s4:auth Change {anonymous,system}_session to use common session_info generation 2010-08-17T23:50:45+00:00 Andrew Bartlett abartlet@samba.org 2010-08-14T10:33:36+00:00 23dc2e4244a99f1e955d54c22516a7a8c108d989 This also changes the primary group for anonymous to be the anonymous SID, and adds code to detect and ignore this when constructing the token. Andrew Bartlett 
This also changes the primary group for anonymous to be the anonymous
SID, and adds code to detect and ignore this when constructing the token.

Andrew Bartlett
s4:auth Remove system_session_anon() from python bindings 2010-08-17T23:50:44+00:00 Andrew Bartlett abartlet@samba.org 2010-08-14T07:45:57+00:00 ba52834dd97d4c855ab98c2cbab1d6ed8d189de8 






s4:auth Remove the system:anonymous parameter used for the LDAP backend
2010-08-17T23:50:44+00:00

Andrew Bartlett
abartlet@samba.org

2010-08-14T04:16:41+00:00

a68a5592c5fc88fc7ba335cfbe375d687c8b8112

This isn't needed any more, and just introduces complexity.





This isn't needed any more, and just introduces complexity.