summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* WHATSNEW: Start release notes for 3.4.18.v3-4-testKarolin Seeger2012-04-301-2/+44
| | | | | Karolin (cherry picked from commit 4c0ff855799ffd2067768869f379d2d2e3d3b514)
* VERSION: Bump version number up to 3.4.18.Karolin Seeger2012-04-301-1/+1
| | | | | Karolin (cherry picked from commit 195943b7bf95e4a85795f86dda0cf71170c7c2de)
* Fix self granting privileges in security=ads.Jeremy Allison2012-04-301-4/+38
| | | | | CVE-2012-2111 (cherry picked from commit 55045f52181e5448c2aeefabde047128158d7c2e)
* WHATSNEW: Release notes 3.4.17.Karolin Seeger2012-04-301-4/+11
| | | | | Karolin (cherry picked from commit a78242b544ab1a7b486856b87824050deca661dc)
* WHATSNEW: Fix typo.Karolin Seeger2012-04-101-1/+1
| | | | | Karolin (cherry picked from commit e93e5bdb41fb28f1af5e3b072ddfd2552e58fd0c)
* WHATSNEW: Start release notes for Samba 3.4.17.Karolin Seeger2012-04-101-2/+43
| | | | | Karolin (cherry picked from commit de125e2aef6f9b465736fa5c9fac6286d7ed6a16)
* VERSION: Bump version up to 3.4.17.Karolin Seeger2012-04-101-1/+1
| | | | | Karolin (cherry picked from commit 5a68f1e8255318f3383b04ebc32ddd6e715cd54a)
* rerun 'make samba3-idl'Stefan Metzmacher2012-04-1026-3921/+7527
| | | | | | | | metze The last 12 patches address bug #8815 (PIDL based autogenerated code allows overwriting beyond of allocated array; CVE-2012-1182). (cherry picked from commit 9123504f2b6f9af458510721416cb25993959a31)
* pidl/NDR/Parser: also do range checks on the array sizeStefan Metzmacher2012-04-101-5/+20
| | | | | metze (cherry picked from commit afaa5f66a8686d5f4e371b66e846249a30e1495f)
* pidl/NDR/Parser: do array range validation in ParseArrayPullGetLength()Stefan Metzmacher2012-04-101-28/+14
| | | | | metze (cherry picked from commit 04355f68753aeb85655b7cbd8677899db0c97764)
* pidl/NDR/Parser: use helper variables for array size and lengthStefan Metzmacher2012-04-101-7/+15
| | | | | metze (cherry picked from commit d84758a5c8ce428ac5a3a8cb2e5b8a0e0662ac27)
* pidl/NDR/Parser: remember if we already know the array lengthStefan Metzmacher2012-04-101-1/+7
| | | | | metze (cherry picked from commit 3e89dbfa0dd0c8cd4bcec8ea868a401f9b132aa3)
* pidl/NDR/Parser: use ParseArrayPullGetLength() to get the number of array ↵Stefan Metzmacher2012-04-101-5/+1
| | | | | | | | | | elements (bug #8815 / CVE-2012-1182) An anonymous researcher and Brian Gorenc (HP DVLabs) working with HP's Zero Day Initiative program have found this and notified us. metze (cherry picked from commit 586c3fab85cde3bd6a5141fbba3bb5fcb6b67ab5)
* pidl/NDR/Parser: split off ParseArrayPullGetSize() and ParseArrayPullGetLength()Stefan Metzmacher2012-04-101-13/+42
| | | | | metze (cherry picked from commit eb8240ecb0d82a8f9b3b7c7d317c57f1aff74296)
* pidl/NDR/Parser: simplify logic in DeclareArrayVariables*()Stefan Metzmacher2012-04-101-8/+6
| | | | | metze (cherry picked from commit 102e9956316bbbbac2b440bb75eb039b184a2886)
* pidl/NDR/Parser: declare all union helper variables in ParseUnionPull()Stefan Metzmacher2012-04-101-2/+2
| | | | | metze (cherry picked from commit 45245f10c3bd476bcb49be25bc56bb7811b85d3c)
* pidl:NDR/Parser: fix range() for arraysStefan Metzmacher2012-04-101-1/+32
| | | | | | metze (cherry picked from commit bea4948acb4bbee2fbf886adeb53edbc84de96da) (cherry picked from commit b48e41cb5541bec34333f94fc21bcd6c47018869)
* pidl: allow foo being on the wire after [length_is(foo)] uint8 *bufferStefan Metzmacher2012-04-101-0/+4
| | | | | | metze (cherry picked from commit 92791ce9a8439ac06a22afdbeb0d0fc66c32cb31) (cherry picked from commit dd5faa13873fbdd92fa4ddd82dc69d34a73e4d1f)
* pidl: add support for [string] on fixed size arrays.Stefan Metzmacher2012-04-103-2/+117
| | | | | | | | | | | | | | | | | | | | midl also supports this: struct { long l1; [string] wchar_t str[16]; long l2; }; Where the wire size of str is encoded like a length_is() header: 4-byte offset == 0; 4-byte array length; The strings are zero terminated. metze (cherry picked from commit 7ccc9a6ef563cc855752b4e74152420b9be5af43) (cherry picked from commit 75aeb61c38efe28503991834fb5181537cdffc68)
* WHATSNEW: Prepare release notes for 3.4.16.Karolin Seeger2012-04-101-3/+11
| | | | | Karolin (cherry picked from commit 0cc91c98f6d311a92aa308e9fcbac252c96d590d)
* WHATSNEW: Start release notes for 3.4.16.Karolin Seeger2011-08-231-2/+41
| | | | Karolin
* VERSION: Bump version up to 3.4.16.Karolin Seeger2011-08-231-1/+1
| | | | Karolin
* WHATSNEW: Prepare release notes for 3.4.15.Karolin Seeger2011-08-181-4/+19
| | | | Karolin
* WHATSNEW: Update release notes.Karolin Seeger2011-08-181-5/+22
| | | | | Karolin (cherry picked from commit 315437d3d5a503b2d17c8a01f0e2c088febb041a)
* s3/swat: use strlcat instead of strncat to fix build on old Linux distrosBjörn Jacke2011-08-091-1/+1
| | | | | | | | | | | | | | | SLES 9's glibc for example had weird macros where the use of strncat resulted in the use of strcat which we don't allow. Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User: Björn Jacke <bj@sernet.de> Autobuild-Date: Thu Aug 4 17:50:24 CEST 2011 on sn-devel-104 (cherry picked from commit d3b4d75364210e2d2a4a1cd806f28b0021f22909) Fix bug #8362 (build issue on old glibc systems). (cherry picked from commit 87fa72a5202fe3780d4a61289bf755027cd078f4) (cherry picked from commit 552ccc6588b0744ae9b3731b1406749baea03d5a)
* s3:web/swat: use strtoll() instead of atoi/atol/atollStefan Metzmacher2011-08-091-6/+19
| | | | | | | | | | | | | This is more portable, as we have a strtoll replacement in lib/replace. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Sat Aug 6 11:55:45 CEST 2011 on sn-devel-104 (cherry picked from commit a6be0820d09b3f3eabfbb5f4356add303aa8a494) Fix bug #8347 (CVE-2011-2522 regression for HP-UX, AIX and OSF).
* WHATSNEW: Start release notes for 3.4.15.Karolin Seeger2011-07-261-2/+43
| | | | | Karolin (cherry picked from commit 999514b140c5f85497109da558d5e8630d59b57e)
* VERSION: Bump version up to 3.4.15.Karolin Seeger2011-07-261-1/+1
| | | | | Karolin (cherry picked from commit eff1c775066938267c44ab0bd25de99363c1d569)
* s3-swat: Fix typo.Karolin Seeger2011-07-261-1/+1
| | | | | | | Thanks to Simo for reporting! Karolin (cherry picked from commit 40787695a1a3200421c9409eef9e520b849ee3a1)
* s3 swat: Create random nonce in CGI modeKai Blin2011-07-261-1/+19
| | | | | | | | | | | | | | In CGI mode, we don't get access to the user's password, which would reduce the hash used so far to parameters an attacker can easily guess. To work around this, read the nonce from secrets.tdb or generate one if it's not there. Also populate the C_user field so we can use that for token creation. Signed-off-by: Kai Blin <kai@samba.org> The last 12 patches address bug #8290 (CSRF vulnerability in SWAT). This addresses CVE-2011-2522 (Cross-Site Request Forgery in SWAT). (cherry picked from commit a4922192d9b95e79bb31c54ca820a9b876a1bbe9)
* s3 swat: Add time component to XSRF tokenKai Blin2011-07-262-5/+25
| | | | | Signed-off-by: Kai Blin <kai@samba.org> (cherry picked from commit 0b811f5b825637b2ecb0450d24dc6b3425ad05a8)
* s3 swat: Add XSRF protection to printer pageKai Blin2011-07-261-10/+18
| | | | | Signed-off-by: Kai Blin <kai@samba.org> (cherry picked from commit deb66470413780c93656294a1dca40f8cc1bada8)
* s3 swat: Add XSRF protection to password pageKai Blin2011-07-261-3/+8
| | | | | Signed-off-by: Kai Blin <kai@samba.org> (cherry picked from commit e4e6195701d761326ad5f2dbb63aeb71b0dc7971)
* s3 swat: Add XSRF protection to shares pageKai Blin2011-07-261-5/+13
| | | | | Signed-off-by: Kai Blin <kai@samba.org> (cherry picked from commit 9839935c29ec0ab522994436e6e89939696409de)
* s3 swat: Add XSRF protection to globals pageKai Blin2011-07-261-0/+7
| | | | | Signed-off-by: Kai Blin <kai@samba.org> (cherry picked from commit 6ea5fac27f2fef35ea12c24250948e00245aacee)
* s3 swat: Add XSRF protection to wizard pageKai Blin2011-07-261-1/+8
| | | | | Signed-off-by: Kai Blin <kai@samba.org> (cherry picked from commit d499c09fc7bf6d86e9694bc8dc60b96c80d94c35)
* s3 swat: Add XSRF protection to wizard_params pageKai Blin2011-07-261-0/+7
| | | | | Signed-off-by: Kai Blin <kai@samba.org> (cherry picked from commit 4b64b7e57d729df996d0734444415f12c066b89f)
* s3 swat: Add XSRF protection to viewconfig pageKai Blin2011-07-261-0/+7
| | | | | Signed-off-by: Kai Blin <kai@samba.org> (cherry picked from commit b25d00e3c1ff91e7ec5f56ec2ad0d6b3d635d1e3)
* s3 swat: Add XSRF protection to status pageKai Blin2011-07-261-0/+7
| | | | | Signed-off-by: Kai Blin <kai@samba.org> (cherry picked from commit 8af2d4c60a9bad18ef1b37d4034f11c6008efcfa)
* s3 swat: Add support for anti-XSRF tokenKai Blin2011-07-262-0/+59
| | | | | Signed-off-by: Kai Blin <kai@samba.org> (cherry picked from commit 69ebd0eee88b1b4b8e29a7620e01c8d9c89b452a)
* s3 swat: Allow getting the user's HTTP auth passwordKai Blin2011-07-262-0/+10
| | | | | Signed-off-by: Kai Blin <kai@samba.org> (cherry picked from commit dffaf0ed0bb7f38c23f15b0b128a5eb39a55a813)
* s3 swat: Fix possible XSS attack (bug #8289)Kai Blin2011-07-261-12/+2
| | | | | | | | | | | | Nobuhiro Tsuji of NTT DATA SECURITY CORPORATION reported a possible XSS attack against SWAT, the Samba Web Administration Tool. The attack uses reflection to insert arbitrary content into the "change password" page. This patch fixes the reflection issue by not printing user-specified content on the website anymore. Signed-off-by: Kai Blin <kai@samba.org> (cherry picked from commit 05fa09be5a801baa5d35014e2f54b46c1ff5466b)
* s3:nmbd_packets: return the used number of sockets in create_listen_fdset() ↵Stefan Metzmacher2011-07-041-1/+1
| | | | | | | | | | | | (bug #8276) Fix bug #7949 (DoS in Winbind and smbd with many file descriptors open) (commit feb3fcd0fa4bda0967b881315595d7702f4d1752) changed the bahavior, so that we skipped some sockets. This should work for v3-4-test. metze
* s3: increase the log level for missing PIDs on SIGCHLDDavid Disseldorp2011-06-271-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | Since the fix for bso#7836, the parent smbd is responsible for maintaining an up-to-date printcap cache. It does this by forking a child process to asynchronously fetch printcap data from CUPS. When the child process exits after fetching all printcap data, the parent smbd is sent SIGCHLD. This triggers smbd_sig_chld_handler() which looks for the exited process PID on a "children" list. Child smbd process PIDs are added to the "children" list to ensure cleanup on unclean shutdown and log level change notification messages. Printcap update process PIDs are not added to the list as they do not maintain any state that requires cleanup, nor do they wait on tevent for messages. Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Thu Feb 17 11:11:45 CET 2011 on sn-devel-104 (cherry picked from commit 9c12232f1ae36e00d04114ad73edd8ba3c2c6a5c) Fix bug #8269 (smbd spams log with "Could not find child X -- ignoring" messages). (cherry picked from commit ba118ac287d49267dd2f346d4ddd2e590ebbe653)
* s3-libnet: fix bug #6364: Pull realm from supplied username on libnet joinJim McDonough2011-05-261-0/+7
|
* s3-printing: remove duplicate cups response processing codeDavid Disseldorp2011-05-261-147/+94
| | | | | | | | There is currently a lot of duplicate code included for processing responses to CUPS_GET_PRINTERS and CUPS_GET_CLASSES requests. This change splits this code into a separate function. Signed-off-by: Günther Deschner <gd@samba.org>
* s3-printing: use printcap IDL for IPCDavid Disseldorp2011-05-262-129/+108
| | | | | | | | | | Use printcap IDL for marshalling and unmarshalling messages between cups child and parent smbd processes. This simplifies the IPC and ensures the parent is notified of cups errors encountered by the child. https://bugzilla.samba.org/show_bug.cgi?id=7994 Signed-off-by: Günther Deschner <gd@samba.org>
* idl: define printcap IPC message formatDavid Disseldorp2011-05-265-1/+222
| | | | Signed-off-by: Günther Deschner <gd@samba.org>
* s3-printing: an empty cups printer list is treated as an errorDavid Disseldorp2011-05-261-6/+17
| | | | | | | | | | | | | | | | cups_async_callback() is called to receive new printcap data from a child process which requests the information from cupsd. Newly received printcap information is stored in a temporary printcap cache (tmp_pcap_cache). Once the child process closes the printcap IPC file descriptor, the system printcap cache is replaced with the newly populated tmp_pcap_cache, however this only occurs if tmp_pcap_cache is non null (has at least one printer). If the printcap cache is empty, which is the case when cups is not exporting any printers, the printcap cache is not replaced resulting in stale data. Signed-off-by: Günther Deschner <gd@samba.org>
* s3-printing: remove pcap_cache_loaded assertsDavid Disseldorp2011-05-232-4/+0
| | | | | | | | | | | | | | | | | pcap_cache_loaded() assertions were added to the (re)load_printers() functions, to ensure the caller had called pcap_cache_reload() prior to reloading printer shares. The problem is, pcap_cache_loaded() returns false if the the pcap_cache contains no printer entries. i.e. pcap_cache_reload() has run but not detected any printers. Remove these assertions, correct call ordering is already enforced. Signed-off-by: Günther Deschner <gd@samba.org> The last 3 patches address bug #7836 (A newly added printer isn't visbile to clients).
View Lorry Controller Status