Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-09-23 | Fix bug 7694 - Crash bug with invalid SPNEGO token. | Jeremy Allison | 1 | -1/+2 | |
Found by the CodeNomicon test suites at the SNIA plugfest. http://www.codenomicon.com/ If an invalid SPNEGO packet contains no OIDs we crash in the SMB1/SMB2 server as we indirect the first returned value OIDs[0], which is returned as NULL. Jeremy. | |||||
2010-09-22 | Thank goodness for code reviews. Volker caught - this should be ↵ | Jeremy Allison | 1 | -1/+1 | |
lp_posix_pathnames() not lp_unix_extensions(). Jeremy. | |||||
2010-09-22 | Fix bug #7693 - smbd changing mode of files on rename | Jeremy Allison | 2 | -8/+10 | |
When using "map archive", don't change the archive bit on renames or writes with UNIX extensions turned on. Jeremy. | |||||
2010-09-21 | s3:registry: move prototype from reg_init_full.c to its own header. | Michael Adam | 1 | -0/+1 | |
2010-09-20 | s3-util_sid: use shared dom_sid_compare_auth and dom_sid_equal_X functions. | Günther Deschner | 1 | -17/+18 | |
Guenther | |||||
2010-09-20 | s3-build: only include ctdbd_conn.h where needed. | Günther Deschner | 2 | -0/+2 | |
Guenther | |||||
2010-09-20 | s3-build: only include async headers where needed. | Günther Deschner | 1 | -0/+1 | |
Guenther | |||||
2010-09-16 | libcli/auth/ntlmssp Be clear about talloc parents for session keys | Andrew Bartlett | 1 | -0/+1 | |
The previous API was not clear as to who owned the returned session key. This fixes a valgrind-found use-after-free in the NTLMSSP key derivation code, and avoids making allocations - we steal and zero instead. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-09-15 | Fix all sid_parse returns to be checked. Tidy up some checks and error | Jeremy Allison | 1 | -5/+12 | |
messages. Jeremy. | |||||
2010-09-16 | s3-smbd: prevent call_nt_transact_ioctl() crash in FSCTL_FIND_FILES_BY_SID case. | Günther Deschner | 1 | -1/+4 | |
Jeremy, please check. Guenther | |||||
2010-09-15 | Add check for invalid data size. | Jeremy Allison | 1 | -1/+8 | |
Jeremy. | |||||
2010-09-15 | s3-rpc_server: Moved ncacn_np declarations in common header file. | Simo Sorce | 2 | -0/+2 | |
Signed-off-by: Andreas Schneider <asn@samba.org> | |||||
2010-09-15 | s3-rpc_server: Convert rpc_connect_spoolss_pipe into a generic interface. | Simo Sorce | 2 | -10/+60 | |
This way we have one common way to open internal pipes whether they are shortcircuited or piped to an external process. | |||||
2010-09-13 | Fix bug 7409 - Thousands of reduce_name: couldn't get realpath. | Jeremy Allison | 1 | -1/+1 | |
Don't log this at level 1 - every EACCES will generate one. Thanks to muehlfeld@medizinische-genetik.de for pointing this out. Jeremy. | |||||
2010-09-11 | s3-privs Convert from user_has_privileges() -> security_token_has_privilege() | Andrew Bartlett | 1 | -4/+2 | |
This new call is available in the merged privileges code, and takes an enum as the parameter, rather than a bitmask. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-09-11 | s3:auth Remove NT_USER_TOKEN | Andrew Bartlett | 4 | -4/+4 | |
The all UPPER case typedef is no longer the preferred Samba style and this makes it easier to see that this is the IDL-derivied structure Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-09-11 | s3-auth Change struct nt_user_token -> struct security_token | Andrew Bartlett | 1 | -4/+4 | |
This common structure is defined in security.idl Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2010-09-10 | Add check missing from previous patch after talloc_strdup(). | Jeremy Allison | 1 | -0/+3 | |
Jeremy. | |||||
2010-09-10 | Factor out the recent changes into a function - check_parent_exists(). | Jeremy Allison | 1 | -77/+103 | |
Fix this to ensure that if "start" is manipulated, then "dirpath" is changed also. Ensures that when the path: /a/long/file/name/path.txt is processed, we first stat: /a/long/file/name/path.txt and if this fails, we try to stat: /a/long/file/name if this path exists (the normal case when creating a new entry in a directory) then we no longer do the individual path name walk, but only do case insensitive lookup on the last component. If the stat fails we do the full pathname walk as normal in 3.5.x and below. Metze, examine this change for your back-port. Jeremy. | |||||
2010-09-10 | s3-spoolss: Don't leak memory on the session counter list. | Andreas Schneider | 1 | -1/+8 | |
Thanks Günther, please check. | |||||
2010-09-09 | More paranoia to ensure SD's can't be set on read-only shares. | Jeremy Allison | 1 | -0/+4 | |
Jeremy. | |||||
2010-09-09 | s3-msdfs: Make auth_serversupplied_info const. | Andreas Schneider | 1 | -1/+1 | |
2010-09-08 | Don't rely on the underlying ACL modules to enforce share level | Jeremy Allison | 2 | -0/+10 | |
security when setting ACLs, check at the call level as well. Jeremy. | |||||
2010-09-08 | Optimization suggested by Metze. Without this patch, | Jeremy Allison | 1 | -1/+97 | |
FindFirst with 'path\to\some\dir\with\files\*' triggers the following stat calls path\to\some\dir\with\files\* => ENOENT path\ path\to\ path\to\some\ path\to\some\dir\ path\to\some\dir\with\ path\to\some\dir\with\files\ path\to\some\dir\with\files\* => ENOENT With this patch we get : path\to\some\dir\with\files\* => ENOENT path\to\some\dir\with\files = OK Jeremy. | |||||
2010-09-07 | s3: use monotonic clock for aio timeout | Björn Jacke | 1 | -2/+2 | |
2010-09-05 | s3: On Solaris, iov_len is an int | Volker Lendecke | 1 | -1/+3 | |
We can't use &iov.iov_len passing it to a size_t * | |||||
2010-08-31 | s3: messaging_ctdbd_connection() was only called with procid_self() | Volker Lendecke | 2 | -3/+2 | |
Eventually we'll get this right... | |||||
2010-08-31 | s3: use fine grained time in netprot response | Björn Jacke | 1 | -3/+4 | |
2010-08-31 | s3-auth Rename NT_USER_TOKEN user_sids -> sids | Andrew Bartlett | 3 | -6/+6 | |
This is closer to the struct security_token from security.idl | |||||
2010-08-30 | s3: Fix a segfault in the printer code using create_conn_struct | Volker Lendecke | 1 | -1/+7 | |
2010-08-30 | s3: Fix some uninitialized variable warnings | Volker Lendecke | 2 | -6/+6 | |
2010-08-30 | s3-smbd: use make_server_info_krb5() in smb2 too. | Simo Sorce | 1 | -75/+8 | |
Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-08-30 | s3-smbd: use make_server_info_krb5() | Simo Sorce | 1 | -79/+11 | |
Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-08-30 | s3-smbd: User helper function to resolve kerberos user for smb2 | Simo Sorce | 1 | -125/+30 | |
Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-08-30 | s3-smbd: Use helper function to resolve kerberos user | Simo Sorce | 1 | -123/+27 | |
Signed-off-by: Günther Deschner <gd@samba.org> | |||||
2010-08-29 | s3: Fix an uninitialized variable | Volker Lendecke | 1 | -1/+1 | |
2010-08-29 | s3: Fix the build without cluster | Volker Lendecke | 1 | -0/+4 | |
2010-08-29 | s3: Remove smbd_server_fd() | Volker Lendecke | 2 | -8/+1 | |
This breaks the perfcol_onefs() build. Tim, Steve, this use of smbd_server_fd is replacable by calls into substitute.c. I don't have a onefs environment around to build a fix, so I've decided to insert an #error, making it not compile. The fix should be pretty obvious, you can get the socket data via "%I" and "%i" substitutions. | |||||
2010-08-29 | s3: Remove two uses of smbd_server_fd() | Volker Lendecke | 2 | -2/+2 | |
Actually, this is a bit cheating. But those two files depend on smbd_server_conn anyway, it does not make things worse. | |||||
2010-08-29 | s3: Remove smbd_server_fd() from smbd_register_ips | Volker Lendecke | 1 | -3/+4 | |
2010-08-29 | s3: Lift smbd_server_fd() from msg_release_ip() | Volker Lendecke | 1 | -4/+4 | |
2010-08-29 | s3: Lift smbd_server_fd() from release_ip() | Volker Lendecke | 1 | -11/+27 | |
2010-08-29 | s3: Remove a use of smbd_server_fd() in smbd main() | Volker Lendecke | 1 | -2/+1 | |
The effect this might have is that we set the socket options a bit later in inetd mode. | |||||
2010-08-29 | s3: Pass sconn to check_reload | Volker Lendecke | 1 | -4/+4 | |
This removes a use of smbd_server_fd() | |||||
2010-08-29 | s3: Pass sconn instead of msg_ctx to housekeeping_fn | Volker Lendecke | 1 | -6/+5 | |
2010-08-29 | s3: Set the client_id in substitute.c once | Volker Lendecke | 1 | -0/+5 | |
This never changes during a client connection's life, so we can set it once. | |||||
2010-08-28 | s3: Remove some references to smbd_server_fd() | Volker Lendecke | 1 | -5/+7 | |
2010-08-28 | s3: Remove smbd_server_fd() from set_local_machine_name() | Volker Lendecke | 1 | -0/+9 | |
2010-08-28 | s3:smbd: s/sa_len/sa_socklen , because sa_len is a macro on IRIX | Stefan Metzmacher | 1 | -7/+7 | |
metze | |||||
2010-08-27 | Fix bug #7653 - When SMB2 is on, Windows 7 clients can not connect as guest ↵ | Jeremy Allison | 1 | -0/+8 | |
to a share. Fix "security = share" with SMB2 by mapping internally to "security = user" and "map to guest = Bad User". Jeremy. |