Age | Commit message (Collapse) | Author | Files | Lines |
|
Do so now....
Jeremy.
(This used to be commit 6b1246c29a0241c8e4bb98d659d847d010826b36)
|
|
== Subject: Remote code execution in Samba's WINS
== server daemon (nmbd) when processing name
== registration followed name query requests.
==
== CVE ID#: CVE-2007-5398
==
== Versions: Samba 3.0.0 - 3.0.26a (inclusive)
...
Secunia Research reported a vulnerability that allows for
the execution of arbitrary code in nmbd. This defect may
only be exploited when the "wins support" parameter has
been enabled in smb.conf.
(This used to be commit e40c372e0ddf631dd9162c1fdfaaa49c29915f23)
|
|
to struct sockaddr_storage in most places that matter (ie.
not the nmbd and NetBIOS lookups). This passes make test
on an IPv4 box, but I'll have to do more work/testing on
IPv6 enabled boxes. This should now give us a framework
for testing and finishing the IPv6 migration. It's at
the state where someone with a working IPv6 setup should
(theorecically) be able to type :
smbclient //ipv6-address/share
and have it work.
Jeremy.
(This used to be commit 98e154c3125d5732c37a72d74b0eb5cd7b6155fd)
|
|
bugs in various places whilst doing this (places that assumed
BOOL == int). I also need to fix the Samba4 pidl generation
(next checkin).
Jeremy.
(This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
|
|
IPv6 in winbindd, but moves most of the socket functions that were
wrongly in lib/util.c into lib/util_sock.c and provides generic
IPv4/6 independent versions of most things. Still lots of work
to do, but now I can see how I'll fix the access check code.
Nasty part that remains is the name resolution code which is
used to returning arrays of in_addr structs.
Jeremy.
(This used to be commit 3f6bd0e1ec5cc6670f3d08f76fc2cd94c9cd1a08)
|
|
(This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
|
|
the ripple effects this causes. utmp has to change etc. Remove some
global varables and store address/port in the unexpected db.
Jeremy.
(This used to be commit 18c6a2211d9e25233d01715b3f78977edcd6d869)
|
|
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
|
|
Jeremy.
(This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
|
|
(This used to be commit 6d210fb8a13e93fe5b7bc160a343f74878dea727)
|
|
to all callers of smb_setlen (via set_message()
calls). This will allow the server to reflect back
the correct encryption context.
Jeremy.
(This used to be commit 2d80a96120a5fe2fe726f00746d36d85044c4bdb)
|
|
redundent. Remove it.
Jeremy.
(This used to be commit 140881cfbb59ce4a699b5900efe02bf315be7bd5)
|
|
but I've no option.
Jeremy.
(This used to be commit c3a565081d70b209a4f9e6e8f1859bf7194a5f74)
|
|
Jeremy.
(This used to be commit dd47e0ef1175a57ec2e9b797ac942cb79f4a5d05)
|
|
Jeremy.
(This used to be commit f4bf550b5757024b41062784b185b52a1a0e11f4)
|
|
* \PIPE\unixinfo
* winbindd's {group,alias}membership new functions
* winbindd's lookupsids() functionality
* swat (trunk changes to be reverted as per discussion with Deryck)
(This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
|
|
by rfc1002.
Jeremy.
(This used to be commit 422fb43dda13e0840245ae272b7621640b8ad220)
|
|
Jeremy.
(This used to be commit 86c5548d272c0804c0188ae744ae1bb17eb817f6)
|
|
use the correct RR type of 0xA instead of reflecting back what
the query RR type was (0x20). See rfc1002 sections 4.2.14 and
4.2.16.
Jeremy.
(This used to be commit ab8c9240044f1ef3d5c6ac4850c8ec615c2e32fd)
|
|
allocation
functions so we can funnel through some well known functions. Should help greatly with
malloc checking.
HEAD patch to follow.
Jeremy.
(This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
|
|
Jeremy.
(This used to be commit 65fc39fc388244923d1e36076b5a4116aa434be5)
|
|
Make nmbd use maxfd+1 in select also.
Jeremy.
(This used to be commit e3ca22b80dc1c22f0e5c829d11724c79e317641f)
|
|
Jeremy.
(This used to be commit dd9b17abd6b32c090840c1a0b797fd774711cb3a)
|
|
names in nmbd. Allows conversion from dos codepage mb strings (ie. SJIS) to
expand to utf8 size on read.
Jeremy.
(This used to be commit 834d816caf9cd6318da00febde50d9233469dac2)
|
|
(MORIYAMA Masayuki).
Don't use nstrings to hold workgroup and netbios names. The problem with them is that MB netbios
and workgroup names in unix charset (particularly utf8) may be up to 3x bigger than the name
when represented in dos charset (ie. cp932). So go back to using fstrings for these but
translate into nstrings (ie. 16 byte length values) for transport on the wire.
Jeremy.
(This used to be commit b4ea493599ab414f7828b83f40a5a8b43479ff64)
|
|
Jeremy.
(This used to be commit d085c94dacffbe8199e83315340e4f60d1f0b9a5)
|
|
iconv wasn't re-initialised on reading of "charset" parameters. This
caused workgroup name to be set incorrectly if it contained an
extended character.
Jeremy.
(This used to be commit 84ae44678a6c59c999bc1023fdd9b7ad87f4ec18)
|
|
Andrew Bartlett
(This used to be commit fb29caddd987f94989f852584b912eeee45b50da)
|
|
warnings. (Adds a lot of const).
Andrew Bartlett
(This used to be commit 3a7458f9472432ef12c43008414925fd1ce8ea0c)
|
|
dashes of const. This is a rather large check-in, some things may break.
It does compile though :-).
Jeremy.
(This used to be commit f755711df8f74f9b8e8c1a2b0d07d02a931eeb89)
|
|
(This used to be commit 3928578b52cfc949be5e0ef444fce1558d75f290)
|
|
(This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
|
|
processing work correctly in winbindd. This is a really good patch
that gives full select semantics to the Samba modified select.
Jeremy.
(This used to be commit 3af16ade173cac24c1ac5eff4a36b439f16ac036)
|
|
Changed "SMB/Netbios" to "SMB/CIFS" in file header.
(This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
|
|
Jeremy.
(This used to be commit 01ff6ce4963e1daff019f2b936cef218e1c93f67)
|
|
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
|
|
(This used to be commit 1446a1562b1c618c023b056f476e26da7ee3d532)
|
|
Jeremy.
(This used to be commit d57feb2c85f973ad22098054b8d6d049869e2a69)
|
|
Jeremy.
(This used to be commit 53f35a71c6fc46814eca914573506622d7db4e08)
|
|
Jeremy.
(This used to be commit 8bd27845f0d8b19409ba79c028ce54732d7276e1)
|
|
Jeremy.
(This used to be commit eacb96396d57d6b622b750d64b3686e6fbeaf68c)
|
|
the DGRAM_PORT, since we want to actually send those to other ports.
They might be for the client library running on the Samba server!
(This used to be commit 05e2dd5e85d4aca1ccb9f6991e1415f85cbbdc1a)
|
|
(This used to be commit 46a3a56ecf411eb885aee2892e12d3846ce32ad6)
|
|
(This used to be commit fb5798e1d9eb518f85e30680883c0460141b245d)
|
|
easier to add new message types to messages.h without breaking old
binaries
- added a MSG_FORCE_ELECTION message to force nmbd to hold an election
(This used to be commit f1c49ca7ce56bc39259041a71479e84ebf53eeca)
|
|
(This used to be commit 6a503f95b10f6661b089f30f2b5ffebead32685c)
|
|
The motivation for this system is to replace the UDP message for
oplocks, but this commit only does the "set debug level" message.
(This used to be commit 2a34ee95f3929cff131db6c5a2b4820194c05b2d)
|
|
for a name query. From Steve Langasek <vorlon@netexpress.net>.
Jeremy.
(This used to be commit 9890740121ae7bd7a0196bbf946c6f8c82aa7f6e)
|
|
I had to modify sys_select() to not loop on EINTR. I added a wrapper
called sys_select_intr() which gives the old behaviour.
(This used to be commit b28cc4163bc2faaa80c5782fc02c8f03c410cdeb)
|
|
of doing a system call every time we want to just get our pid.
Jeremy.
(This used to be commit 148628b616b5c29ba6340d65fc3ddbcabba6e67a)
|