| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
|
| |
this also fixes the usage displays of net afs
(cherry picked from commit 7738d8b89bcf2b43d65f1bf4599a688cb4143768)
|
|
|
|
|
| |
This fixes the second piece of Bug #8263
(cherry picked from commit 8a14ccb99388e31b366fc84060186be1ea708d75)
|
|
|
|
|
| |
This fixes one piece of Bug #8263
(cherry picked from commit caa4226c315a70138016cf8fae13ce3f050057e7)
|
|
|
|
|
|
|
| |
All other auth modules code with being called with
auth_method->private_data being NULL, make the auth_server
module cope with this too.
(cherry picked from commit e173f04a822944e96171866d9fbf43301cd611a4)
|
|
|
|
|
|
|
|
|
|
|
| |
In CGI mode, we don't get access to the user's password, which would
reduce the hash used so far to parameters an attacker can easily guess.
To work around this, read the nonce from secrets.tdb or generate one if
it's not there.
Also populate the C_user field so we can use that for token creation.
Signed-off-by: Kai Blin <kai@samba.org>
(cherry picked from commit 589bc35590aebfdd20fe786c08005bb43ef47d94)
|
|
|
|
|
| |
Signed-off-by: Kai Blin <kai@samba.org>
(cherry picked from commit fb0d393a1972c28ecd6e49959c8c5b7900e1b574)
|
|
|
|
|
| |
Signed-off-by: Kai Blin <kai@samba.org>
(cherry picked from commit 3b138403ea157f1c6b8dfc40016f293831765948)
|
|
|
|
|
| |
Signed-off-by: Kai Blin <kai@samba.org>
(cherry picked from commit 395503b9f51445d9ca493c2fc7e6022ee75cb743)
|
|
|
|
|
| |
Signed-off-by: Kai Blin <kai@samba.org>
(cherry picked from commit 869590cc3a0c09e11f77277af1d3b7334b718ce0)
|
|
|
|
|
| |
Signed-off-by: Kai Blin <kai@samba.org>
(cherry picked from commit dc3aa10bbc5936aebab88db2ea34b46648839745)
|
|
|
|
|
| |
Signed-off-by: Kai Blin <kai@samba.org>
(cherry picked from commit e33970f1c60451a063bb2eeb64f9515c64722508)
|
|
|
|
|
| |
Signed-off-by: Kai Blin <kai@samba.org>
(cherry picked from commit a887d8446bc74b255682a4047cb5616fe236bcaf)
|
|
|
|
|
| |
Signed-off-by: Kai Blin <kai@samba.org>
(cherry picked from commit bb9bb437fc3685879f5b34c444d58c4a564f148d)
|
|
|
|
|
| |
Signed-off-by: Kai Blin <kai@samba.org>
(cherry picked from commit d240094fbe7b581a6c97f506fa17747e21180598)
|
|
|
|
|
| |
Signed-off-by: Kai Blin <kai@samba.org>
(cherry picked from commit 5e32110742a310aff6946acd34b0dca3a3fc8130)
|
|
|
|
|
| |
Signed-off-by: Kai Blin <kai@samba.org>
(cherry picked from commit 4592956a35d700aaf4ec2be7fc183f42fbe14fba)
|
|
|
|
|
|
|
|
|
| |
Thanks to Simo for reporting!
Karolin
(cherry picked from commit 9f73c1990a19daa899fa5345530a867e69a5be94)
(cherry picked from commit bcb052c29212954a3ed10c9f095c51e4e0a96af5)
(cherry picked from commit 43cf67654ebcfd3f0a8298af7f6cf15cd5f2d981)
|
|
|
|
|
|
|
|
|
|
|
|
| |
Nobuhiro Tsuji of NTT DATA SECURITY CORPORATION reported a possible XSS attack
against SWAT, the Samba Web Administration Tool. The attack uses reflection to
insert arbitrary content into the "change password" page.
This patch fixes the reflection issue by not printing user-specified content on
the website anymore.
Signed-off-by: Kai Blin <kai@samba.org>
(cherry picked from commit d88744f460a2a65d4e0cfb6c944f90f09e15d3b4)
|
|
|
|
|
|
| |
metze
(cherry picked from commit 84d9cdb5112e55ae8a1e525ca2b8cef2ae606f22)
(cherry picked from commit d7242cb7fcfca687a4b9c20c4084c74b12fc5aad)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
systems.
Re-add:
smb_ucs2_t toupper_w(smb_ucs2_t v);
bool isupper_w(smb_ucs2_t v);
smb_ucs2_t tolower_w(smb_ucs2_t v);
bool islower_w(smb_ucs2_t v);
and ensure they are called whenever we are operating on smb_ucs2_t
variables. I'd like to make the definition of smb_ucs2_t incompatible
with int and codepoint_t so they can't be mixed, but that's a patch
for another time.
(cherry picked from commit bdc078a81e49bce3b51560a75984e0306c387573)
|
|
|
|
|
|
|
|
|
|
|
| |
Remove
int toupper_ascii(int c);
int tolower_ascii(int c);
int isupper_ascii(int c);
int islower_ascii(int c);
and replace with their _m equivalents, as they are identical.
(cherry picked from commit 5b6a34128a0e0bc33c255dc53c9fb9fd8e6d34d8)
|
|
|
|
|
|
|
|
| |
all locks
Reported by herb@samba.org. Remove the (premature) optimization
on file close.
(cherry picked from commit c5b272a05c4bd9d7f70c14fe307b8da46b9e607e)
|
|
|
|
|
| |
Karolin
(cherry picked from commit 8585ac3635e9ae284a5b35dba2412d996a73f7ad)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
smbd_check_open_rights()
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Jul 11 22:45:01 CEST 2011 on sn-devel-104
(cherry picked from commit f5d320ac0fb74d4ad95a03969366096e9b074379)
The last 10 patches address bug #8102 (domuser can change ACL from his files
over the network).
(cherry picked from commit d43d147c9d69dd23296677f9ae998c9362771682)
|
|
|
|
|
|
| |
metze
(cherry picked from commit a1046389ffcc476456ac76cb701a4325d1c42ef9)
(cherry picked from commit 89a05c3a54239d384317f9881430fac264138f3f)
|
|
|
|
|
|
| |
metze
(cherry picked from commit 58eed1b295afeff6acfb8c1f10b0bb02280fd491)
(cherry picked from commit c384bf75284fa7280b9279d305c5404f9f1066df)
|
|
|
|
|
|
| |
metze
(cherry picked from commit 581d8fa36b73abab030168dc35fb631ccd42a388)
(cherry picked from commit 3e8770619c53c956f623ae852f97e6226513898d)
|
|
|
|
|
|
|
|
|
|
|
| |
I think we should reject invalid access early,
before we might create new files.
Also smbd_check_open_rights() is only called if the file existed.
metze
(cherry picked from commit 896f105ed40dc04f83bcbfac367b309c8d957f86)
(cherry picked from commit d43f7ffb9fa8449a954d2e9fc9012a00289b41e2)
|
|
|
|
|
|
| |
metze
(cherry picked from commit ce66d4e4a885add09edfa8e6d5eab0f3b5d63081)
(cherry picked from commit 5a1c2b4774c914a45bf2da7e666f6acf7f6927c6)
|
|
|
|
|
|
| |
metze
(cherry picked from commit 18f967a24881aa899b39f7676fc70a7f7aaca07b)
(cherry picked from commit bd91cb862c4ceb3955c742d1c516e51733a19e6e)
|
|
|
|
|
|
|
|
|
|
|
|
| |
We can't allow open with access that has been denied via the share
security descriptor
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue Jul 5 16:21:54 CEST 2011 on sn-devel-104
(cherry picked from commit 4deca5d72804a40e68158a1183f5633dabf24761)
(cherry picked from commit b3a035005ef98bcb31bade50a9e3ddf088302779)
|
|
|
|
|
|
| |
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 720fa46f9443ccbe471b265f1c2b9cb9782a3c26)
(cherry picked from commit 83c6e9d3ad76e8009778e5ba0bf22e256d06ad48)
|
|
|
|
|
|
| |
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 1c022d2e414607633323e65abbc63bb3aeaaa6a4)
(cherry picked from commit 283f76c06308eaeaf9d134e0bfb45188ee684fb3)
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
change_to_root_user()
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Jul 8 13:45:46 CEST 2011 on sn-devel-104
(cherry picked from commit dbfb88aef30a755c29015bff4699eb17925a4988)
The last 3 patches address bug #8292 (Disable SMB2 for 3.6).
(cherry picked from commit 7b28ae90603ff152e31b2113109bdaebc540810f)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For all requests which don't operate on a tcon, we should call
change_to_root_user(), to match the SMB1 behavior.
For SMB1 we do the following operations without AS_USER:
/* 0x70 */ { "SMBtcon",reply_tcon,0},
/* 0x71 */ { "SMBtdis",reply_tdis,DO_CHDIR},
/* 0x72 */ { "SMBnegprot",reply_negprot,0},
/* 0x73 */ { "SMBsesssetupX",reply_sesssetup_and_X,0},
/* 0x74 */ { "SMBulogoffX",reply_ulogoffX, 0}, /* ulogoff doesn't give a valid TID */
/* 0x75 */ { "SMBtconX",reply_tcon_and_X,0},
...
/* 0x2b */ { "SMBecho",reply_echo,0},
...
/* 0xa4 */ { "SMBntcancel",reply_ntcancel, 0 },
For SMB2tdis we still call smbd_smb2_request_check_tcon()
as close_cnum() calls change_to_root_user() when needed.
metze
Signed-off-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit eea210eba7c20e6d04b13cf8ccd3011ee7c99157)
(cherry picked from commit 3de9d2204e1f14c8a1d9642f3dc1e1e7e1013210)
|
|
|
|
|
|
|
|
|
|
|
| |
smb2_tcon request
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Jul 4 17:34:13 CEST 2011 on sn-devel-104
(cherry picked from commit 7c96e96e9881ec1ad7b41f0ab241a5b0ac17b93f)
(cherry picked from commit fe6a325226a5fb17e5ccf62c5d0882d97baa35b7)
|
|
|
|
|
| |
Karolin
(cherry picked from commit ae414153864100daa616b169b1b55e2d903b590c)
|
|
|
|
|
| |
Karolin
(cherry picked from commit 7bbf4bc9870c5a9b02a40d321b2efdb86b0440d2)
|
|
|
|
|
| |
princ must not be used uninitialized. auth_data is not used at all.
(cherry picked from commit ba6f88a6720358bea75b162f193182b724b9411c)
|
|
|
|
|
|
| |
commit 102a931c8081559423fb25b3a4d445b6f2e790ac)
(cherry picked from commit e5f4b6e7aa1d102db023a491991684118875ee38)
|
|
|
|
|
|
|
|
|
|
| |
Fix bug #8297 (ldb tools man pages should be removed from the release tar
ball).
Thanks to Björn for reporting!
Karolin
(cherry picked from commit 73e6673078ef8477107cf94a9d53f3d2b42cb6d7)
|
|
|
|
|
|
|
|
| |
Move the num_requests field out of the smb1 struct into the generic
struct smbd_server_connection struct. Use it to count SMB2 requests
as well as SMB1 and ensure that check_log_size() is called every 50
SMB2 requests.
(cherry picked from commit b7dbbe1005627932ab959144002f9d41adb04328)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
server code in undesired places.
Andreas, please check.
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Fri Jul 8 18:34:44 CEST 2011 on sn-devel-104
(cherry picked from commit f4add4fbf545313f5d24e0d9e5c9eb0f8fac630a)
Conflicts:
source3/rpc_server/wscript_build
source3/wscript_build
The last 21 patches address bug #8214 (printer driver upgrade fails, causing
smbd to exit on startup).
(cherry picked from commit 9a555e0271c333d1e33a9f2df435166aa8c6dfde)
|
|
|
|
|
|
|
|
|
|
|
|
| |
WERR_INVALID_PRINTER_NAME only needed to be handled when printing tdb
migration used spoolss, with winreg such errors are no longer possible.
Signed-off-by: Günther Deschner <gd@samba.org>
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Thu Jul 7 19:15:34 CEST 2011 on sn-devel-104
(cherry picked from commit e5955903fdc5ed6f8660b72db0716d4da25c711c)
(cherry picked from commit 1822df19e764bce37a4b2c7e212a2bb0c61d1d13)
|
|
|
|
|
|
|
| |
Also fix possibly uninitialised status return from
printing_tdb_migrate_printer().
(cherry picked from commit 5dd8185d852afc3843253c9471326677f8816a77)
(cherry picked from commit ec0c13d05962e0e3d92dee811667e2dc6bfa67fc)
|
|
|
|
|
|
|
|
|
|
| |
descriptor.
Guenther
Pair-Programmed-With: David Disseldorp <ddiss@suse.de>
(cherry picked from commit cfc3b6e5f79f253e83dfbd13d47b671deb5801b3)
(cherry picked from commit d967d1b9ac902cd750cc9c43ecce9481c444504b)
|
|
|
|
|
|
|
|
|
|
| |
finally.
Guenther
Pair-Programmed-With: David Disseldorp <ddiss@suse.de>
(cherry picked from commit 57bbb32c64db1027e2b9ae1aef7f5f3b33ae3882)
(cherry picked from commit 4fc35a5cc9db162a6df7b09e70686caaaa6c352c)
|
|
|
|
|
|
|
|
|
|
|
|
| |
Guenther
Pair-Programmed-With: David Disseldorp <ddiss@suse.de>
(cherry picked from commit 8f3d5f5333a61922c4ea7ff1e1d244978958e857)
Conflicts:
source3/printing/nt_printing_migrate.c
(cherry picked from commit 8ca35cd86041d197f3bf377cc0afabe5e2cd4ceb)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
binding_handles.
Guenther
Pair-Programmed-With: David Disseldorp <ddiss@suse.de>
(cherry picked from commit 72b1f8be5619ed778c4aa0b967f6a4f34d7e9de8)
Conflicts:
source3/rpc_server/spoolss/srv_spoolss_nt.c
(cherry picked from commit 5bab2244e5893ae6f470299b4efcabd54dc23fcc)
|
|
|
|
|
|
|
|
|
|
|
|
| |
Guenther
Pair-Programmed-With: David Disseldorp <ddiss@suse.de>
(cherry picked from commit 0a1ec73b965f66977a90fb7febb3b56b52ebab20)
Conflicts:
source3/rpc_server/spoolss/srv_spoolss_nt.c
(cherry picked from commit 7c0ab14cc21c47193e7198a01e5ae16052c8d0f9)
|