summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* VERSION: Disable git snapshots for the 4.1.22 release.samba-4.1.22Karolin Seeger2015-12-101-1/+1
| | | | Signed-off-by: Karolin Seeger <kseeger@samba.org>
* WHATSNEW: Add release notes for Samba 4.1.22.Karolin Seeger2015-12-101-3/+159
| | | | | | | | This is a security to address CVE-2015-7540, CVE-2015-3223, CVE-2015-5252, CVE-2015-5299, CVE-2015-5296, CVE-2015-8467, CVE-2015-5330. Signed-off-by: Karolin Seeger <kseeger@samba.org>
* CVE-2015-8467: samdb: Match MS15-096 behaviour for userAccountControlAndrew Bartlett2015-12-101-2/+22
| | | | | | | | | | Swapping between account types is now restricted Bug: https://bugzilla.samba.org/show_bug.cgi?id=11552 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* CVE-2015-5296: libcli/smb: make sure we require signing when we demand ↵Stefan Metzmacher2015-12-101-0/+11
| | | | | | | | | encryption on a session BUG: https://bugzilla.samba.org/show_bug.cgi?id=11536 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* CVE-2015-5296: s3:libsmb: force signing when requiring encryption in ↵Stefan Metzmacher2015-12-101-3/+12
| | | | | | | | | SMBC_server_internal() BUG: https://bugzilla.samba.org/show_bug.cgi?id=11536 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* CVE-2015-5296: s3:libsmb: force signing when requiring encryption in ↵Stefan Metzmacher2015-12-101-1/+6
| | | | | | | | | do_connect() BUG: https://bugzilla.samba.org/show_bug.cgi?id=11536 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* CVE-2015-5299: s3-shadow-copy2: fix missing access check on snapdirJeremy Allison2015-12-101-0/+45
| | | | | | | | | Fix originally from <partha@exablox.com> https://bugzilla.samba.org/show_bug.cgi?id=11529 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
* CVE-2015-5252: s3: smbd: Fix symlink verification (file access outside the ↵Jeremy Allison2015-12-101-3/+10
| | | | | | | | | | | share). Ensure matching component ends in '/' or '\0'. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11395 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org>
* CVE-2015-7540: lib: util: Check *every* asn1 return call and early return.Jeremy Allison2015-12-101-61/+45
| | | | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=9187 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Sep 19 01:29:00 CEST 2014 on sn-devel-104 (cherry picked from commit b9d3fd4cc551df78a7b066ee8ce43bbaa3ff994a)
* CVE-2015-7540: s4: libcli: ldap message - Ensure all asn1_XX returns are ↵Jeremy Allison2015-12-103-395/+401
| | | | | | | | | | | | | | checked. BUG: https://bugzilla.samba.org/show_bug.cgi?id=9187 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ronnie Sahlberg <ronniesahlberg@gmail.com> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Sep 26 03:15:00 CEST 2014 on sn-devel-104 (cherry picked from commit 69a7e3cfdc8dbba9c8dcfdfae82d2894c7247e15)
* ldb: bump version of the required system ldb to 1.1.24Ralph Boehme2015-12-092-3/+4
| | | | | | | | | | | | | | | This is needed to ensure we build against a system ldb library that contains the fixes for CVE-2015-5330 and CVE-2015-3223. autobuild must still be able to build against the older version 1.1.17 including the patches. Bug: https://bugzilla.samba.org/show_bug.cgi?id=11325 Bug: https://bugzilla.samba.org/show_bug.cgi?id=11599 Bug: https://bugzilla.samba.org/show_bug.cgi?id=11636 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* CVE-2015-5330: ldb_dn_explode: copy strings by length, not terminatorsDouglas Bagnall2015-12-091-2/+7
| | | | | | | | | | | | | | | | | | That is, memdup(), not strdup(). The terminators might not be there. But, we have to make sure we put the terminator on, because we tend to assume the terminator is there in other places. Use talloc_set_name_const() on the resulting chunk so talloc_report() remains unchanged. Bug: https://bugzilla.samba.org/show_bug.cgi?id=11599 Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Pair-programmed-with: Andrew Bartlett <abartlet@samba.org> Pair-programmed-with: Garming Sam <garming@catalyst.net.nz> Pair-programmed-with: Stefan Metzmacher <metze@samba.org> Pair-programmed-with: Ralph Boehme <slow@samba.org>
* CVE-2015-5330: next_codepoint_handle_ext: don't short-circuit UTF16 low bytesDouglas Bagnall2015-12-091-1/+4
| | | | | | | | | | | | UTF16 contains zero bytes when it is encoding ASCII (for example), so we can't assume the absense of the 0x80 bit means a one byte encoding. No current callers use UTF16. Bug: https://bugzilla.samba.org/show_bug.cgi?id=11599 Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Pair-programmed-with: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* CVE-2015-5330: strupper_talloc_n_handle(): properly count charactersDouglas Bagnall2015-12-091-1/+2
| | | | | | | | | | | When a codepoint eats more than one byte we really want to know, especially if the string is not NUL terminated. Bug: https://bugzilla.samba.org/show_bug.cgi?id=11599 Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Pair-programmed-with: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* CVE-2015-5330: Fix handling of unicode near string endingsDouglas Bagnall2015-12-094-14/+25
| | | | | | | | | | | | | | Until now next_codepoint_ext() and next_codepoint_handle_ext() were using strnlen(str, 5) to determine how much string they should try to decode. This ended up looking past the end of the string when it was not null terminated and the final character looked like a multi-byte encoding. The fix is to let the caller say how long the string can be. Bug: https://bugzilla.samba.org/show_bug.cgi?id=11599 Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Pair-programmed-with: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* CVE-2015-5330: ldb_dn_escape_value: use known string length, not strlen()Douglas Bagnall2015-12-091-4/+8
| | | | | | | | | | | | ldb_dn_escape_internal() reports the number of bytes it copied, so lets use that number, rather than using strlen() and hoping a zero got in the right place. Bug: https://bugzilla.samba.org/show_bug.cgi?id=11599 Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Pair-programmed-with: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* CVE-2015-5330: ldb_dn: simplify and fix ldb_dn_escape_internal()Douglas Bagnall2015-12-091-28/+18
| | | | | | | | | | | | | | Previously we relied on NUL terminated strings and jumped back and forth between copying escaped bytes and memcpy()ing un-escaped chunks. This simple version is easier to reason about and works with unterminated strings. It may also be faster as it avoids reading the string twice (first with strcspn, then with memcpy). Bug: https://bugzilla.samba.org/show_bug.cgi?id=11599 Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Pair-programmed-with: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* CVE-2015-3223: lib: ldb: Use memmem binary search, not strstr text search.Jeremy Allison2015-12-091-4/+13
| | | | | | | | | Values might have embedded zeros. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11325 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* CVE-2015-3223: lib: ldb: Cope with canonicalise_fn returning string "", ↵Jeremy Allison2015-12-091-1/+15
| | | | | | | | | length 0. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11325 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* VERSION: Bump version up to 4.1.22...Karolin Seeger2015-10-131-2/+2
| | | | | | and re-enable git snapshots. Signed-off-by: Karolin Seeger <kseeger@samba.org>
* VERSION: Disable git snapshots for the 4.1.21 release.samba-4.1.21Karolin Seeger2015-10-131-1/+1
| | | | Signed-off-by: Karolin Seeger <kseeger@samba.org>
* WHATSNEW: Add release notes for Samba 4.1.21.Karolin Seeger2015-10-131-3/+43
| | | | Signed-off-by: Karolin Seeger <kseeger@samba.org>
* samr4: Use <SID=%s> in GetGroupsForUserVolker Lendecke2015-09-081-2/+8
| | | | | | | | | | | | | | | | This way we avoid quoting problems in user's DNs Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Sep 1 23:49:14 CEST 2015 on sn-devel-104 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11488 (cherry picked from commit 841845dea35089a187fd1626c9752d708989ac7b) Autobuild-User(v4-1-test): Stefan Metzmacher <metze@samba.org> Autobuild-Date(v4-1-test): Tue Sep 8 21:05:56 CEST 2015 on sn-devel-104
* VERSION: Bump version up to 4.1.21...Karolin Seeger2015-09-011-2/+2
| | | | | | and re-enable git snapshots. Signed-off-by: Karolin Seeger <kseeger@samba.org>
* VERSION: Disable git snapshots for the 4.1.20 release.samba-4.1.20Karolin Seeger2015-09-011-1/+1
| | | | Signed-off-by: Karolin Seeger <kseeger@samba.org>
* WHATSNEW: Add release notes for Samba 4.1.20.Karolin Seeger2015-09-011-3/+89
| | | | Signed-off-by: Karolin Seeger <kseeger@samba.org>
* s3: winbindd: Fix TALLOC_FREE of uninitialized groups variable.Jeremy Allison2015-08-311-1/+1
| | | | | | | | | | | | | Fix created by by: wei zhong <wweyeww@gmail.com> Only for 4.2.x and below, master code already fixed. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10823 Signed-off-by: Jeremy Allison <jra@samba.org> Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org> Autobuild-Date(v4-1-test): Mon Aug 31 23:35:54 CEST 2015 on sn-devel-104
* s3-util: Compare the maximum allowed length of a NetBIOS nameRoel van Meer2015-08-311-1/+1
| | | | | | | | | | | | | | This fixes a problem where is_myname() returns true if one of our names is a substring of the specified name. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11427 Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> (cherry picked from commit 4e178ed498c594ffcd5592d0b792d47b064b9586) Autobuild-User(v4-1-test): Stefan Metzmacher <metze@samba.org> Autobuild-Date(v4-1-test): Mon Aug 31 14:39:49 CEST 2015 on sn-devel-104
* s3-net: use talloc array in share allowedusersRalph Boehme2015-08-171-4/+20
| | | | | | | | | | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=11426 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Ralph Böhme <slow@samba.org> Autobuild-Date(master): Tue Aug 4 16:48:36 CEST 2015 on sn-devel-104 (cherry picked from commit 95eb6db580678a29b1f5f30a9567ea449a43d75a) Autobuild-User(v4-1-test): Stefan Metzmacher <metze@samba.org> Autobuild-Date(v4-1-test): Mon Aug 17 20:01:19 CEST 2015 on sn-devel-104
* s3-passdb: Respect LOOKUP_NAME_GROUP flag in sid lookup.Justin Maggard2015-08-032-3/+3
| | | | | | | | | | | | | | | | | | | | | | | Somewhere along the line, a config line like "valid users = @foo" broke when "foo" also exists as a user. user_ok_token() already does the right thing by adding the LOOKUP_NAME_GROUP flag; but lookup_name() was not respecting that flag, and went ahead and looked for users anyway. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11320 Signed-off-by: Justin Maggard <jmaggard@netgear.com> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Marc Muehlfeld <mmuehlfeld@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Jul 28 21:35:58 CEST 2015 on sn-devel-104 (cherry picked from commit dc99d451bf23668d73878847219682fced547622) Autobuild-User(v4-1-test): Stefan Metzmacher <metze@samba.org> Autobuild-Date(v4-1-test): Mon Aug 3 20:03:05 CEST 2015 on sn-devel-104
* lib: replace: Add strsep function (missing on Solaris).Jeremy Allison2015-08-033-2/+27
| | | | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=11359 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ira Cooper <ira@wakeful.net> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Jul 29 02:24:55 CEST 2015 on sn-devel-104 (cherry picked from commit f07b746ad3f3ee2fcbb65a0d452ed80f07c9e8f9)
* s3-auth: Fix a possible null pointer dereferenceAndreas Schneider2015-07-211-1/+3
| | | | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=11404 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> (cherry picked from commit 109ff388fd5e1306189d680a8f964a69374f1b01) Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org> Autobuild-Date(v4-1-test): Tue Jul 21 19:02:14 CEST 2015 on sn-devel-104
* s3-smbd: Leave sys_disk_free() if dfree command is usedAndreas Schneider2015-07-211-16/+13
| | | | | | | | | | | | | | | | | If we have a broken system which reports incorrect sizes we provide the 'dfree command'. This command makes sure Samba gets the correct values. However after that we call the quota command which then reports the broken values. The dfree command should take care to provide the correct values and in case of quota's it should also calculate the quote correctly. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11403 Pair-Programmed-With: Michael Adam <obnox@samba.org> Signed-off-by: Andreas Schneider <asn@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> (cherry picked from commit 48a4d5a4078ff2a66dd753323d6e5d76d34b9828)
* s3-smbd: reset protocol in smbXsrv_connection_init_tables failure paths.Günther Deschner2015-07-191-1/+6
| | | | | | | | | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=11373 Guenther Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Pair-Programmed-With: Michael Adam <obnox@samba.org> Signed-off-by: Guenther Deschner <gd@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org> Autobuild-Date(v4-1-test): Sun Jul 19 22:23:18 CEST 2015 on sn-devel-104
* s3:libsmb: Fix a bug in conversion of ea list to ea array.Anubhav Rakshit2015-07-191-1/+1
| | | | | | | | | | | | | | Bug 11361 - Reading of EA's (Extended Attributes) fails using SMB2 and above protocols Tested against Win2k12r2 server. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11361 Signed-off-by: Anubhav Rakshit <anubhav.rakshit@gmail.com> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> (cherry picked from commit 5af2e3eed2ac309e2491fc54e03e7b04c8b118fb)
* smbd:trans2: treat new SMB_SIGNING_DESIRED in caseMichael Adam2015-07-191-0/+1
| | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=11372 Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> (cherry picked from commit 76f8d0fbada15c9466f66a2d9961bebd1425d141)
* docs:smb.conf: explain effect of new setting 'desired' of smb encryptMichael Adam2015-07-191-19/+47
| | | | | | | | | | Thereby clarify some details. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11372 Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> (cherry picked from commit 365d9d8bdfe9759ef9662d0080cf9c9a0767dbf2)
* smbd:smb2: use encryption_desired in send_breakMichael Adam2015-07-191-2/+2
| | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=11372 Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> (cherry picked from commit 14357700fd69291995ce6adebb13e7340a63c209)
* smbd:smb2: only enable encryption in tcon if desiredMichael Adam2015-07-191-3/+6
| | | | | | | | | | | Don't enforce it but only announce DATA_ENCRYPT, making use of encryption_desired in tcon. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11372 Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> (cherry picked from commit 41cb881e775ea7eb0c59d9e0cafb6ab5531918d9)
* smbd:smb2: only enable encryption in session if desiredMichael Adam2015-07-191-3/+4
| | | | | | | | | | | Don't enforce it but only announce ENCRYPT_DATA, using the encryption_desired flag in session setup. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11372 Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> (cherry picked from commit fc228025d78f165815d3fa1670d51f0c27ed2091)
* smbd:smb2: separate between encryption required and enc desiredMichael Adam2015-07-192-4/+17
| | | | | | | | | | | | | | | | | this means we: - accept unencrypted requests if encryption only desired and not required, - but we always send encrypted responses in the desired case, not only when the request was encrypted. For this purpose, the do_encryption in the request structure is separated into was_encrypted and do_encryption. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11372 Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> (cherry picked from commit 3bb299944391633c45d87d5e8ad48c2c14428592)
* smbXsrv: add bools encryption_desired to session and tconMichael Adam2015-07-191-0/+2
| | | | | | | | | | | This is to indicate that we should sen the ENCRYPT_DATA flag on session or tcon replies. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11372 Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> (cherry picked from commit a3ea6dbef53e049701326497e684e1563344e6d8)
* Introduce setting "desired" for 'smb encrypt' and 'client/server signing'Michael Adam2015-07-194-0/+9
| | | | | | | | | | | | This should trigger the behaviour where the server requires signing when the client supports it, but does not reject clients that don't support it. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11372 Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> (cherry picked from commit 204cbe3645c59b43175beeadad792b4a00e80da3)
* smbd: Make SMB3 clients use encryption with "smb encrypt = auto"Volker Lendecke2015-07-192-0/+10
| | | | | | | | | | | | | | | Slight modification for 4.1 by Michael Adam <obnox@samba.org> (s/xconn/conn/ in smb2_sesssetup.c) BUG: https://bugzilla.samba.org/show_bug.cgi?id=11372 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Tue Mar 3 10:40:42 CET 2015 on sn-devel-104 (cherry picked from commit b3385f74db54bd8a07a0be5515151b633c067da4)
* s4:selftest: also run rpc.winreg with kerberos and all possible auth optionsStefan Metzmacher2015-07-121-0/+7
| | | | | | | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=11061 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue Jun 23 17:31:08 CEST 2015 on sn-devel-104 (cherry picked from commit 6dd117b21ef06da68af67051f2822f71193d193a) Autobuild-User(v4-1-test): Karolin Seeger <kseeger@samba.org> Autobuild-Date(v4-1-test): Sun Jul 12 00:09:40 CEST 2015 on sn-devel-104
* s4:selftest: run rpc.echo tests also with krb5 krb5,sign krb5,sealStefan Metzmacher2015-07-111-1/+1
| | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=11061 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> (cherry picked from commit 5b917fd6226952a1f792d1ad921d2ae54ab6ab42)
* s4:rpc_server: fix padding caclucation in dcesrv_auth_response()Stefan Metzmacher2015-07-111-1/+1
| | | | | | | | | | | | | | This is simplified by using DCERPC_AUTH_PAD_LENGTH() and changes the behaviour so that we will use no padding if the stub_length is already aligned to DCERPC_AUTH_PAD_ALIGNMENT (16 bytes). BUG: https://bugzilla.samba.org/show_bug.cgi?id=11061 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit 69c1b4b7c10dd5fd9cacaa3a76c47bc854ee3fed)
* s4:rpc_server: let dcesrv_auth_response() handle sig_size == 0 with ↵Stefan Metzmacher2015-07-111-1/+5
| | | | | | | | | | | | | | auth_info as error Don't send plaintext on the wire because of an internal error... BUG: https://bugzilla.samba.org/show_bug.cgi?id=11061 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit 1bf7ab49b4459e81ab2b82d9668b3d7cb76372f4)
* s4:rpc_server: let dcesrv_reply() use a sig_size for a padded payloadStefan Metzmacher2015-07-111-1/+6
| | | | | | | | | | | The sig_size could differ depending on the aligment/padding. So should use the same alignment as we use for the payload. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit 16f3837e026e4cae135bbdddf09b44a02af25b05)
* s4:rpc_server: let dcesrv_reply() use DCERPC_AUTH_PAD_ALIGNMENT defineStefan Metzmacher2015-07-111-1/+1
| | | | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit 3fbdb255e3ac7ad5261c5fa3836e4a38a0d59221)
View Lorry Controller Status