summaryrefslogtreecommitdiff
path: root/source3/web
Commit message (Collapse)AuthorAgeFilesLines
* s3:web/swat: use short term event and message contextsStefan Metzmacher2011-12-141-4/+35
| | | | | | swat doesn't have a central event loop. metze
* s3: Use autogenerated open_files.idlVolker Lendecke2011-12-021-0/+1
|
* s3:web: s/Undefined/SMB_SIGNING_DEFAULT/Stefan Metzmacher2011-11-031-1/+1
| | | | metze
* s3:libsmb: pass CLI_FULL_CONNECTION_* flags via cli_connect_nb()Stefan Metzmacher2011-09-081-1/+1
| | | | | | | metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Thu Sep 8 10:21:50 CEST 2011 on sn-devel-104
* s3:web/swat: use strtoll() instead of atoi/atol/atollStefan Metzmacher2011-08-061-6/+19
| | | | | | | | | | This is more portable, as we have a strtoll replacement in lib/replace. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Sat Aug 6 11:55:45 CEST 2011 on sn-devel-104
* s3/swat: use strlcat instead of strncat to fix build on old Linux distrosBjörn Jacke2011-08-041-1/+1
| | | | | | | | | | SLES 9's glibc for example had weird macros where the use of strncat resulted in the use of strcat which we don't allow. Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User: Björn Jacke <bj@sernet.de> Autobuild-Date: Thu Aug 4 17:50:24 CEST 2011 on sn-devel-104
* s3 swat: Create random nonce in CGI modeKai Blin2011-07-261-1/+19
| | | | | | | | | | | | | In CGI mode, we don't get access to the user's password, which would reduce the hash used so far to parameters an attacker can easily guess. To work around this, read the nonce from secrets.tdb or generate one if it's not there. Also populate the C_user field so we can use that for token creation. Signed-off-by: Kai Blin <kai@samba.org> Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Tue Jul 26 23:33:24 CEST 2011 on sn-devel-104
* s3 swat: Add time component to XSRF tokenKai Blin2011-07-262-5/+25
| | | | Signed-off-by: Kai Blin <kai@samba.org>
* s3 swat: Add XSRF protection to printer pageKai Blin2011-07-261-10/+18
| | | | Signed-off-by: Kai Blin <kai@samba.org>
* s3 swat: Add XSRF protection to password pageKai Blin2011-07-261-3/+8
| | | | Signed-off-by: Kai Blin <kai@samba.org>
* s3 swat: Add XSRF protection to shares pageKai Blin2011-07-261-5/+13
| | | | Signed-off-by: Kai Blin <kai@samba.org>
* s3 swat: Add XSRF protection to globals pageKai Blin2011-07-261-0/+7
| | | | Signed-off-by: Kai Blin <kai@samba.org>
* s3 swat: Add XSRF protection to wizard pageKai Blin2011-07-261-0/+7
| | | | Signed-off-by: Kai Blin <kai@samba.org>
* s3 swat: Add XSRF protection to wizard_params pageKai Blin2011-07-261-0/+7
| | | | Signed-off-by: Kai Blin <kai@samba.org>
* s3 swat: Add XSRF protection to viewconfig pageKai Blin2011-07-261-0/+7
| | | | Signed-off-by: Kai Blin <kai@samba.org>
* s3 swat: Add XSRF protection to status pageKai Blin2011-07-261-0/+7
| | | | Signed-off-by: Kai Blin <kai@samba.org>
* s3 swat: Add support for anti-XSRF tokenKai Blin2011-07-262-0/+59
|
* s3 swat: Allow getting the user's HTTP auth passwordKai Blin2011-07-262-0/+10
| | | | Signed-off-by: Kai Blin <kai@samba.org>
* s3-swat: Fix typo.Karolin Seeger2011-07-261-1/+1
| | | | | | | | Thanks to Simo for reporting! Karolin (cherry picked from commit 9f73c1990a19daa899fa5345530a867e69a5be94) (cherry picked from commit bcb052c29212954a3ed10c9f095c51e4e0a96af5)
* s3 swat: Fix possible XSS attack (bug #8289)Kai Blin2011-07-261-12/+2
| | | | | | | | | | | Nobuhiro Tsuji of NTT DATA SECURITY CORPORATION reported a possible XSS attack against SWAT, the Samba Web Administration Tool. The attack uses reflection to insert arbitrary content into the "change password" page. This patch fixes the reflection issue by not printing user-specified content on the website anymore. Signed-off-by: Kai Blin <kai@samba.org>
* First part of fix for bug 8310 - toupper_ascii() is broken on big-endian systemsJeremy Allison2011-07-191-1/+1
| | | | | | | | | | Remove int toupper_ascii(int c); int tolower_ascii(int c); int isupper_ascii(int c); int islower_ascii(int c); and replace with their _m equivalents, as they are identical.
* param: Finish conversion from lp_wins_support() -> lp_we_are_a_wins_server()Andrew Bartlett2011-07-021-2/+2
| | | | | | | | | Jermey started this in 1997 with 0aa493cc0303aa4177f289b9e4c797c8fa180672 (avoiding the duplicate function makes it easier to generate the struct loadparm_globals). Andrew Bartlett
* param: Merge param headers into lib/param/loadparm.hAndrew Bartlett2011-06-291-0/+1
| | | | | | | This defines a common table format, so we can in future define a common table. Andrew Bartlett
* s3-param use lp_parm_ptr() rather than parm.ptr directlyAndrew Bartlett2011-06-291-5/+8
| | | | | | | | | This will help with a change from .ptr to .offset Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Wed Jun 29 03:26:21 CEST 2011 on sn-devel-104
* s3-swat Remove d_printf() callsAndrew Bartlett2011-06-231-2/+2
| | | | | | | | These calls only ever output ASCII strings (protocol strings and debugging), and never user content, so make it clear that these don't need to be converted into UTF8. Andrew Bartlett
* s3-param Remove special case for global_myname(), rename to lp_netbios_name()Andrew Bartlett2011-06-091-1/+1
| | | | | | | | There is no reason this can't be a normal constant string in the loadparm system, now that we have lp_set_cmdline() to handle overrides correctly. Andrew Bartlett
* s3-talloc Change TALLOC_ARRAY() to talloc_array()Andrew Bartlett2011-06-091-1/+1
| | | | | Using the standard macro makes it easier to move code into common, as TALLOC_ARRAY isn't standard talloc.
* s3: Use cli_connect_nb in smbd_running()Volker Lendecke2011-05-281-7/+3
|
* s3-libsmb: move protos to libsmb/proto.hGünther Deschner2011-05-061-0/+1
| | | | Guenther
* More simple const fixups.Jeremy Allison2011-05-051-1/+1
|
* dynconfig: Have only one dynconfig.o in the common code.Andrew Bartlett2011-04-271-1/+1
|
* Fix convert_string() to take a *converted_size arg. and return a bool.Jeremy Allison2011-03-301-4/+9
| | | | | | | | Makes these interfaces much harder to misuse and easier to ensure error checking. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Mar 30 23:59:37 CEST 2011 on sn-devel-104
* s3-auth: use auth.h where needed.Günther Deschner2011-03-301-0/+1
| | | | Guenther
* s3-locking: move locking prototypes out of proto.h.Günther Deschner2011-03-301-0/+1
| | | | | | Will later become part of locking.h Guenther
* s3-build: only include intl protos where needed.Günther Deschner2011-03-303-0/+3
| | | | Guenther
* s3-passdb: use passdb headers where needed.Günther Deschner2011-03-301-0/+1
| | | | Guenther
* s3-includes: only include system/filesys.h when needed.Günther Deschner2011-03-302-0/+2
| | | | Guenther
* s3-includes: only include system/passwd.h when needed.Günther Deschner2011-03-301-0/+1
| | | | Guenther
* s3-winbind: remove global inclusion of libwbclient.Günther Deschner2011-03-301-0/+1
| | | | Guenther
* charcnv: removed the allow_badcharcnv and allow_bad_conv options to ↵Andrew Tridgell2011-03-241-4/+4
| | | | | | | | | convert_string*() we shouldn't accept bad multi-byte strings, it just hides problems Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Thu Mar 24 01:47:26 CET 2011 on sn-devel-104
* s3-fault: removed the cont_fn from fault_setup()Andrew Tridgell2011-03-221-1/+1
| | | | | | | | | | cont_fn() was supposed to be a way to continue after a seg fault. It could never be called however, as smb_panic() from fault_report() could never return, as dump_core() never returns at the end of smb_panic() Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Tue Mar 22 05:07:58 CET 2011 on sn-devel-104
* s3-printing: only include printing where really needed.Günther Deschner2011-02-221-0/+1
| | | | Guenther
* s3: Fix a type errorVolker Lendecke2011-01-081-2/+2
|
* s3: Fix some nonempty blank linesVolker Lendecke2011-01-081-3/+3
|
* s3-printing: Initiate pcap reload from parent smbdDavid Disseldorp2011-01-071-4/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Since commit 7022554, smbds share a printcap cache (printer_list.tdb), therefore ordering of events between smbd processes is important when updating printcap cache information. Consider the following two process example: 1) smbd1 receives HUP or printcap cache time expiry 2) smbd1 checks whether pcap needs refresh, it does 3) smbd1 marks pcap as refreshed 4) smbd1 forks child1 to obtain cups printer info 5) smbd2 receives HUP or printcap cache time expiry 6) smbd2 checks whether pcap needs refresh, it does not (due to step 3) 7) smbd2 reloads printer shares prior to child1 completion (stale pcap) 8) child1 completion, pcap cache (printer_list.tdb) is updated by smbd1 9) smbd1 reloads printer shares based on new pcap information In this case both smbd1 and smbd2 are reliant on the pcap update performed on child1 completion. The prior commit "reload shares after pcap cache fill" ensures that smbd1 only reloads printer shares following pcap update, however smbd2 continues to present shares based on stale pcap data. This commit addresses the above problem by driving pcap cache and printer share updates from the parent smbd process. 1) smbd0 (parent) receives a HUP or printcap cache time expiry 2) smbd0 forks child0 to obtain cups printer info 3) child0 completion, pcap cache (printer_list.tdb) is updated by smbd0 4) smbd0 reloads printer shares 5) smbd0 notifies child smbds of pcap update via message_send_all() 6) child smbds read fresh pcap data and reload printer shares This architecture has the additional advantage that only a single process (the parent smbd) requests printer information from the printcap backend. Use time_mono in housekeeping functions As suggested by Björn Jacke.
* s3-printing: reload shares after pcap cache fillDavid Disseldorp2011-01-071-2/+4
| | | | | | | | | | | | | | | | Since commit eada8f8a, updates to the cups pcap cache are performed asynchronously - cups_cache_reload() forks a child process to request cups printer information and notify the parent smbd on completion. Currently printer shares are reloaded immediately following the call to cups_cache_reload(), this occurs prior to smbd receiving new cups pcap information from the child process. Such behaviour can result in stale print shares as outlined in bug 7836. This fix ensures print shares are only reloaded after new pcap data has been received. Pair-Programmed-With: Lars Müller <lars@samba.org>
* s3: Make name_query use /tmp/.nmbd/unexpectedVolker Lendecke2011-01-071-13/+9
|
* s3: Make name_query return NTSTATUSVolker Lendecke2010-12-281-4/+6
| | | | | | | Also use talloc for the result Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Tue Dec 28 18:21:05 CET 2010 on sn-devel-104
* s3-debug Move 'load_case_tables()' before lp_set_cmdline() and popt callsAndrew Bartlett2010-11-021-2/+2
| | | | | | | | | | The problem here is that we cannot run lp_set_cmdline() (directly or indirectly via the popt helpers) until load_case_tables() has been run. However, load_case_tables does not have auto-initialisation, so we must init it once, and once only. Andrew Bartlett
* s3-debug Impove setup_logging() to specify logging to stderrAndrew Bartlett2010-11-021-4/+5
| | | | | | | | This change improves the setup_logging() API so that callers which wish to set up logging to stderr can simply ask for it, rather than directly modify the dbf global variable. Andrew Bartlett
View Lorry Controller Status