summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2011-07-27s3-spoolss: Use tmp_ctx in winreg_get_printer_dataex_internal.Andreas Schneider1-9/+22
2011-07-27s3-spoolss: Use tmp_ctx in winreg_enum_printer_dataex_internal.Andreas Schneider1-7/+20
2011-07-27s3-spoolss: Use tmp_ctx in winreg_set_printer_dataex_internal.Andreas Schneider1-9/+22
2011-07-27s3-spoolss: Use tmp_ctx in winreg_update_printer_internal.Andreas Schneider1-8/+21
2011-07-27s3-spoolss: Use tmp_ctx in winreg_create_printer_internal.Andreas Schneider1-4/+17
2011-07-27s3-spoolss: Use tmp_ctx in winreg_get_printer_internal.Andreas Schneider1-5/+17
2011-07-27s3-spoolss: Use tmp_ctx in winreg_printer_get_changeid_internal.Andreas Schneider1-5/+18
2011-07-27s3-spoolss: Use tmp_ctx in winreg_printer_update_changeid_internal.Andreas Schneider1-4/+17
2011-07-27s3-spoolss: Use tmp_ctx in winreg_delete_printer_key_internal.Andreas Schneider1-5/+18
2011-07-27s3-spoolss: Free local in winreg_printer_binding_handle.Andreas Schneider1-0/+1
2011-07-27s3-spoolss: Improve memory efficiency.Simo Sorce1-158/+242
p->mem_ctx is a relatively long lived context as it will not be freed until a full request is served. In spoolss we do a lot of operations including opening new pipes to connect to winreg. Use more shortlived temporary contexts to avoid leaking a lot of memory on p->mem_ctx and carrying it around untill all the operations in the current call are done. Signed-off-by: Andreas Schneider <asn@samba.org>
2011-07-27s3-rpc_client: Fix memory context in winreg_enum_printer_dataex().Andreas Schneider1-3/+2
2011-07-27s3-rpc_client: Close policy handles before creating defaults.Andreas Schneider1-0/+15
We reopen the hive and key so close them before reopen.
2011-07-27s3-rpc_client: Close the hive handle before we open it again.Andreas Schneider1-9/+13
2011-07-27s3-rpc_client: Close hive if opening of the key fails.Andreas Schneider1-1/+11
2011-07-27s3-rpc_server: Copy correct local tsocket address.Andreas Schneider1-1/+1
2011-07-27s3:idmap_tdb2: remove the undocumented option of the silly name "tdb:idmap2.tdb"Michael Adam1-5/+1
In ancient times, when ctdb had not support for persistent databases and tdb2 was introduced as a two-layer solution and it was more important than today to be able to change the location of the permanent database file because it had to reside on shared storage. But these were times when idmap_tdb2 was not even officially released. Nowadays, with ctdb handling the persistent idmap2.tdb database, the path is stripped anyways, so this undocumented option has become unnecessary and is hence removed. Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Wed Jul 27 05:37:57 CEST 2011 on sn-devel-104
2011-07-27s3:idmap_tdb2: remove a legacy commentMichael Adam1-1/+0
2011-07-27s3:idmap_tdb2: remove legacy commentMichael Adam1-2/+0
2011-07-27s3:idmap_tdb2: remove superfluous initialization with bogus commentMichael Adam1-3/+0
2011-07-27s3:idmap_tdb2: fix a legacy comment that does not apply any moreMichael Adam1-2/+1
2011-07-27s3:doc: add an example with idmap script to the idmap_tdb2 manpageMichael Adam1-0/+12
2011-07-27s3:docs: remove legacy text from the example in the idmap_tdb2 manpageMichael Adam1-2/+0
2011-07-27s3:doc: clarify the idmap script section in the idmap_tdb2 manpageMichael Adam1-7/+9
2011-07-27s3:docs:idmap_tdb2: update the documentation of idmap scriptMichael Adam1-2/+16
to reflect the new variant "idmap config * : script" of configuring the idmap script
2011-07-27s3:idmap_tdb2: deprecate the idmap:script parameter and use "idmap config * ↵Michael Adam1-18/+21
: script" instead With this patch, "idmap config * : script" will override "idmap : script". If "idmap : script" is present, a deprecation warning will be printed in any case. If "idmap config * : script" is not set, then the value of "idmap :script" will be used for backwards compatibility.
2011-07-27waf: update to latest waf 1.5 versionAndrew Tridgell1-0/+0
this includes an on_results fix from thomas that fixes a dependency problem with our autoproto code Note that this changes task signatures, so it will trigger a complete rebuild Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Wed Jul 27 04:27:32 CEST 2011 on sn-devel-104
2011-07-27Fix bug #8324 - smbclient cannot list directories from a big-endian machine.Jeremy Allison1-2/+2
Two uses of the setup array are not being correctly byte-swapped to little endian. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Jul 27 03:14:48 CEST 2011 on sn-devel-104
2011-07-27s3: cli_close_done->write_andx_done in test_async_echoVolker Lendecke1-2/+2
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Wed Jul 27 02:03:49 CEST 2011 on sn-devel-104
2011-07-27s3: Fix a debug messageVolker Lendecke1-1/+1
2011-07-27s3: Fix formattingVolker Lendecke1-2/+4
2011-07-27s3: Fix an error messageVolker Lendecke1-1/+1
2011-07-27s3: Fix async smb handlingVolker Lendecke2-9/+22
In cli_echo with more than one response we ended up with more than one read_smb request. One from the call to cli_smb_req_set_pending called from cli_smb_received. The other one from cli_smb_received itself. I don't really see another way to deal with this than to hold the read_smb request in the cli_state. Metze, please check! Volker
2011-07-27s4-dcerpc: Do not return linked attribute on deleted objects it makes W2k8R2 ↵Matthieu Patou1-1/+15
loops when joining s4 domains Autobuild-User: Matthieu Patou <mat@samba.org> Autobuild-Date: Wed Jul 27 00:46:56 CEST 2011 on sn-devel-104
2011-07-26s4-dsdb: Improve the calculation of system flags according to 3.1.1.5.2.4Matthieu Patou1-2/+3
2011-07-26s4-upgradeprovision: Detect recent provision in a more reliable wayMatthieu Patou1-1/+12
2011-07-26s3 swat: Create random nonce in CGI modeKai Blin1-1/+19
In CGI mode, we don't get access to the user's password, which would reduce the hash used so far to parameters an attacker can easily guess. To work around this, read the nonce from secrets.tdb or generate one if it's not there. Also populate the C_user field so we can use that for token creation. Signed-off-by: Kai Blin <kai@samba.org> Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Tue Jul 26 23:33:24 CEST 2011 on sn-devel-104
2011-07-26s3 swat: Add time component to XSRF tokenKai Blin2-5/+25
Signed-off-by: Kai Blin <kai@samba.org>
2011-07-26s3 swat: Add XSRF protection to printer pageKai Blin1-10/+18
Signed-off-by: Kai Blin <kai@samba.org>
2011-07-26s3 swat: Add XSRF protection to password pageKai Blin1-3/+8
Signed-off-by: Kai Blin <kai@samba.org>
2011-07-26s3 swat: Add XSRF protection to shares pageKai Blin1-5/+13
Signed-off-by: Kai Blin <kai@samba.org>
2011-07-26s3 swat: Add XSRF protection to globals pageKai Blin1-0/+7
Signed-off-by: Kai Blin <kai@samba.org>
2011-07-26s3 swat: Add XSRF protection to wizard pageKai Blin1-0/+7
Signed-off-by: Kai Blin <kai@samba.org>
2011-07-26s3 swat: Add XSRF protection to wizard_params pageKai Blin1-0/+7
Signed-off-by: Kai Blin <kai@samba.org>
2011-07-26s3 swat: Add XSRF protection to viewconfig pageKai Blin1-0/+7
Signed-off-by: Kai Blin <kai@samba.org>
2011-07-26s3 swat: Add XSRF protection to status pageKai Blin1-0/+7
Signed-off-by: Kai Blin <kai@samba.org>
2011-07-26s3 swat: Add support for anti-XSRF tokenKai Blin2-0/+59
2011-07-26s3 swat: Allow getting the user's HTTP auth passwordKai Blin2-0/+10
Signed-off-by: Kai Blin <kai@samba.org>
2011-07-26s3-swat: Fix typo.Karolin Seeger1-1/+1
Thanks to Simo for reporting! Karolin (cherry picked from commit 9f73c1990a19daa899fa5345530a867e69a5be94) (cherry picked from commit bcb052c29212954a3ed10c9f095c51e4e0a96af5)
2011-07-26s3 swat: Fix possible XSS attack (bug #8289)Kai Blin1-12/+2
Nobuhiro Tsuji of NTT DATA SECURITY CORPORATION reported a possible XSS attack against SWAT, the Samba Web Administration Tool. The attack uses reflection to insert arbitrary content into the "change password" page. This patch fixes the reflection issue by not printing user-specified content on the website anymore. Signed-off-by: Kai Blin <kai@samba.org>