summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* s3: Fix bug 8360Volker Lendecke2011-08-181-7/+16
| | | | | OS/2 sends an unexpected write&x/read&x chain (cherry picked from commit 2aca833308049d005c647aabcd9d894f59698ef4)
* s3: Add a fallback for missing open&x support in OS/X LionVolker Lendecke2011-08-181-20/+71
| | | | | The last 4 patches address bug #8338 (MAC Lion - smbclient "Open AndX Request->STATUS_NOT_SUPPORTED).
* s3: Make map_open_params_to_ntcreate() available in lib/Volker Lendecke2011-08-183-147/+147
|
* s3: Make is_executable() available in lib/Volker Lendecke2011-08-183-18/+18
|
* s3: We only need base_name in map_open_params_to_ntcreateVolker Lendecke2011-08-184-9/+12
|
* s3/swat: use strlcat instead of strncat to fix build on old Linux distrosBjörn Jacke2011-08-091-1/+1
| | | | | | | | | | | | | | SLES 9's glibc for example had weird macros where the use of strncat resulted in the use of strcat which we don't allow. Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User: Björn Jacke <bj@sernet.de> Autobuild-Date: Thu Aug 4 17:50:24 CEST 2011 on sn-devel-104 (cherry picked from commit d3b4d75364210e2d2a4a1cd806f28b0021f22909) Fix bug #8362 (build issue on old glibc systems). (cherry picked from commit 87fa72a5202fe3780d4a61289bf755027cd078f4)
* s3:web/swat: use strtoll() instead of atoi/atol/atollStefan Metzmacher2011-08-091-6/+19
| | | | | | | | | | | | | This is more portable, as we have a strtoll replacement in lib/replace. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Sat Aug 6 11:55:45 CEST 2011 on sn-devel-104 (cherry picked from commit a6be0820d09b3f3eabfbb5f4356add303aa8a494) Fix bug #8347 (CVE-2011-2522 regression for HP-UX, AIX and OSF).
* WHATSNEW: Fix typo.Karolin Seeger2011-08-071-1/+1
| | | | Karolin
* WHATSNEW: Remove wrong entry.Karolin Seeger2011-08-041-2/+0
| | | | | | This one was added by accident, sorry! Karolin
* WHATSNEW: Start release notes for 3.5.12.Karolin Seeger2011-08-041-2/+44
| | | | Karolin
* VERSION: Bump version up to 3.5.12.Karolin Seeger2011-08-041-1/+1
| | | | Karolin
* WHATSNEW: Add changes since 3.5.10.Karolin Seeger2011-08-031-3/+34
| | | | Karolin
* WHATSNEW: Sync with v3-5-stable.Karolin Seeger2011-08-021-31/+19
| | | | Karolin
* Fix bug 7462 - Non-standard SA_RESETHAND is used in ...lib/tevent/tevent_sigJeremy Allison2011-08-023-4/+6
| | | | | | | | Make SA_RESETHAND conditional on its existance. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Mon Aug 1 22:03:45 CEST 2011 on sn-devel-104 (cherry picked from commit 0c67efdd68b9808542c090b9fd9920e4e37d85d0)
* s3: Test for "__attribute__((destructor))"Volker Lendecke2011-07-271-0/+16
| | | | | | (cherry picked from commit 36e736871e28665ffcbbc4d0c87e1a2b60fcf0e0) Fix bug #8322 (HAVE_FUNCTION_ATTRIBUTE_DESTRUCTOR is missing from 3.5.x).
* WHATSNEW: Start release notes for 3.5.11.Karolin Seeger2011-07-261-2/+45
| | | | | Karolin (cherry picked from commit 6ab1dc24d77a58d4c37cb816ce04762c1df7521c)
* VERSION: Bump version up to 3.5.11.Karolin Seeger2011-07-261-1/+1
| | | | | Karolin (cherry picked from commit b6678d3dbcba6a2ee4961d2565477d362035e1b3)
* s3-swat: Fix typo.Karolin Seeger2011-07-261-1/+1
| | | | | | | Thanks to Simo for reporting! Karolin (cherry picked from commit 9f73c1990a19daa899fa5345530a867e69a5be94)
* s3 swat: Create random nonce in CGI modeKai Blin2011-07-261-1/+19
| | | | | | | | | | | | | | In CGI mode, we don't get access to the user's password, which would reduce the hash used so far to parameters an attacker can easily guess. To work around this, read the nonce from secrets.tdb or generate one if it's not there. Also populate the C_user field so we can use that for token creation. Signed-off-by: Kai Blin <kai@samba.org> The last 12 patches address bug #8290 (CSRF vulnerability in SWAT). This addresses CVE-2011-2522 (Cross-Site Request Forgery in SWAT). (cherry picked from commit 0e17d8ef7e4004a0d35011c322b93b6da5811951)
* s3 swat: Add time component to XSRF tokenKai Blin2011-07-262-5/+25
| | | | | Signed-off-by: Kai Blin <kai@samba.org> (cherry picked from commit 227921871146563c1d57f9a8faa3b8354058740c)
* s3 swat: Add XSRF protection to printer pageKai Blin2011-07-261-10/+18
| | | | | Signed-off-by: Kai Blin <kai@samba.org> (cherry picked from commit c287fe37acc8d8cd64ffc5227498f5950df64c2b)
* s3 swat: Add XSRF protection to password pageKai Blin2011-07-261-3/+8
| | | | | Signed-off-by: Kai Blin <kai@samba.org> (cherry picked from commit 01dec3486857243151a63c8f877a4258d5864869)
* s3 swat: Add XSRF protection to shares pageKai Blin2011-07-261-5/+13
| | | | | Signed-off-by: Kai Blin <kai@samba.org> (cherry picked from commit ecf5f0e613ca7f908cc961e406033bcc842b097a)
* s3 swat: Add XSRF protection to globals pageKai Blin2011-07-261-0/+7
| | | | | Signed-off-by: Kai Blin <kai@samba.org> (cherry picked from commit 9482f46dd0e961145345bd2cdbb01fa35ec9f048)
* s3 swat: Add XSRF protection to wizard pageKai Blin2011-07-261-1/+8
| | | | | Signed-off-by: Kai Blin <kai@samba.org> (cherry picked from commit 02a58bf633f7cd0cb04747d09a8b0a720b5b39b5)
* s3 swat: Add XSRF protection to wizard_params pageKai Blin2011-07-261-0/+7
| | | | | Signed-off-by: Kai Blin <kai@samba.org> (cherry picked from commit 19a697f189156fed86d9d78e8bb6667e764075af)
* s3 swat: Add XSRF protection to viewconfig pageKai Blin2011-07-261-0/+7
| | | | | Signed-off-by: Kai Blin <kai@samba.org> (cherry picked from commit eae32a3f33c7c555663f917d5fba71033c968511)
* s3 swat: Add XSRF protection to status pageKai Blin2011-07-261-0/+7
| | | | | Signed-off-by: Kai Blin <kai@samba.org> (cherry picked from commit 587002c21aa4e944bf6422d77ec3bc6240bf04d5)
* s3 swat: Add support for anti-XSRF tokenKai Blin2011-07-262-0/+59
| | | | | Signed-off-by: Kai Blin <kai@samba.org> (cherry picked from commit abaccc2a7b45f9c778c00597b2d927222a118f27)
* s3 swat: Allow getting the user's HTTP auth passwordKai Blin2011-07-262-0/+10
| | | | | Signed-off-by: Kai Blin <kai@samba.org> (cherry picked from commit 988f59f7eb512fbae5a6cab6ed1dbf32a5737fe7)
* s3 swat: Fix possible XSS attack (bug #8289)Kai Blin2011-07-261-12/+2
| | | | | | | | | | | | | | Nobuhiro Tsuji of NTT DATA SECURITY CORPORATION reported a possible XSS attack against SWAT, the Samba Web Administration Tool. The attack uses reflection to insert arbitrary content into the "change password" page. This patch fixes the reflection issue by not printing user-specified content on the website anymore. Signed-off-by: Kai Blin <kai@samba.org> CVE-2011-2694. (cherry picked from commit 4cd5237ed156bb5a288e865b5afc88a966e1f386)
* WHATSNEW: Add changes since 3.5.9.Karolin Seeger2011-07-061-3/+32
| | | | Karolin
* s3:librpc/gen_ndr: regen after wbint.idl changesStefan Metzmacher2011-07-054-0/+23
| | | | | | metze Part of a fix for bug #7841 (WINBINDD_LOOKUPRIDS asks the wrong domain).
* s3:nmbd_subnetdb: close all sockets attached to a subnet in close_subnet() ↵Stefan Metzmacher2011-07-041-3/+11
| | | | | | | (bug #8276) metze (cherry picked from commit 75e9f2110876137a57632d223248ac51dbfc4569)
* s3:nmbd_packets: make sure create_listen_fdset() returns initialized data ↵Stefan Metzmacher2011-07-041-18/+26
| | | | | | | | | | | | (bug #8276) Fix bug #7949 (DoS in Winbind and smbd with many file descriptors open) (commit feb3fcd0fa4bda0967b881315595d7702f4d1752) changed the bahavior, so that we skipped some sockets. This should work for v3-5-test. metze
* s3:smbldap: make smbldap_connect_system self containedGregor Beck2011-07-041-6/+11
| | | | The last 5 patches address bug #8253 (winbindd panics if verify_idpool() fails).
* s3:smbldap: add a destructor to smbldap_state, just in caseGregor Beck2011-07-041-0/+7
|
* s3:smbldap: let smbldap_free_struct do what it claims toGregor Beck2011-07-041-2/+1
|
* s3:smbldap: free the idle event scheduled in smbldap_open in smbldap_closeGregor Beck2011-07-041-1/+2
|
* s3:smbldap: use smbldap_state as memory context for idle eventGregor Beck2011-07-041-2/+2
| | | | | ensure the event is canceled if the smbldap_state gets freed this fixes a panic of winbindd if verify_idpool fails
* s3: explicitly pass domain_sid to wbint_LookupRids() (bug #7841)Volker Lendecke2011-06-283-8/+10
|
* Fix bug #8254 - "acl check permissions = no" does not work in all casesJeremy Allison2011-06-272-2/+16
| | | | | | | | Move lp_acl_check_permissions() into can_delete_file_in_directory() where it makes sense. Remove ACL check when requesting DELETE_ACCESS when lp_acl_check_permissions is false. Thanks to John Janosik @ IBM for noticing this.
* s3: increase the log level for missing PIDs on SIGCHLDDavid Disseldorp2011-06-271-1/+2
| | | | | | | | | | | | | | | | | | | | | | | Since the fix for bso#7836, the parent smbd is responsible for maintaining an up-to-date printcap cache. It does this by forking a child process to asynchronously fetch printcap data from CUPS. When the child process exits after fetching all printcap data, the parent smbd is sent SIGCHLD. This triggers smbd_sig_chld_handler() which looks for the exited process PID on a "children" list. Child smbd process PIDs are added to the "children" list to ensure cleanup on unclean shutdown and log level change notification messages. Printcap update process PIDs are not added to the list as they do not maintain any state that requires cleanup, nor do they wait on tevent for messages. Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Thu Feb 17 11:11:45 CET 2011 on sn-devel-104 (cherry picked from commit 9c12232f1ae36e00d04114ad73edd8ba3c2c6a5c) Fix bug #8269 (smbd spams log with "Could not find child X -- ignoring" messages).
* WHATSNEW: Formatting.Karolin Seeger2011-06-241-2/+2
| | | | Karolin
* s3-WHATSNEW 3.5.9 Add information on kerberos changeAndrew Bartlett2011-06-241-0/+14
|
* s3: Fix bug 8238 -- KB2536276 prevents access to sharesVolker Lendecke2011-06-211-0/+1
| | | | | Without this we were not sending the workgroup name in the negprot reply if plain text passwords are used.
* docs: fix the missing parameter description section in the smb.conf manpageMichael Adam2011-06-211-1/+9
| | | | | | | | | | | | | | | | | | The smb.conf (5) manpage recently sometimes failed to contain the contents of the description of each parameter section. The reason was a unreliable chain of dependencies in the Makefile. The error can be reproduced by touching manpages-3/smb.conf.5.xml and then building the manpages. Then smb.conf.5.xml is newer than any of the smbdotconf/*/*.xml files and hence the intermediate inexistent parameters.*.xml don't get generated. This patch fixes this problem by introducing a phony "parameters" target referencing the parameters.*.xml targets, so that they get build unconditionally. Fix bug #7997 (smb.conf.5 manpage truncated in 3.5.8).
* libreplace: include sys/file.h only when availableBjörn Jacke2011-06-172-1/+3
| | | | thanks to Joachim Schmitz <schmitz@hp.com>. This fixes #7460.
* s3-docs Add documentation for 'client use spnego principal'Andrew Bartlett2011-06-141-0/+28
|
* WHATSNEW: Start release notes for 3.5.10.Karolin Seeger2011-06-141-2/+43
| | | | Karolin
generated by cgit (git 2.34.1) at 2025-08-31 15:19:54 +0000