summaryrefslogtreecommitdiff
path: root/source3/web/cgi.c
AgeCommit message (Collapse)AuthorFilesLines
2012-06-28Replace all uses of setXX[ug]id() and setgroups with samba_setXX[ug]id() calls.Jeremy Allison1-2/+3
Will allow thread-specific credentials to be added by modifying the central definitions. Deliberately left the setXX[ug]id() call in popt as this is not used in Samba.
2011-07-26s3 swat: Create random nonce in CGI modeKai Blin1-1/+19
In CGI mode, we don't get access to the user's password, which would reduce the hash used so far to parameters an attacker can easily guess. To work around this, read the nonce from secrets.tdb or generate one if it's not there. Also populate the C_user field so we can use that for token creation. Signed-off-by: Kai Blin <kai@samba.org> Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Tue Jul 26 23:33:24 CEST 2011 on sn-devel-104
2011-07-26s3 swat: Allow getting the user's HTTP auth passwordKai Blin1-0/+9
Signed-off-by: Kai Blin <kai@samba.org>
2011-06-23s3-swat Remove d_printf() callsAndrew Bartlett1-2/+2
These calls only ever output ASCII strings (protocol strings and debugging), and never user content, so make it clear that these don't need to be converted into UTF8. Andrew Bartlett
2011-03-30Fix convert_string() to take a *converted_size arg. and return a bool.Jeremy Allison1-4/+9
Makes these interfaces much harder to misuse and easier to ensure error checking. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Mar 30 23:59:37 CEST 2011 on sn-devel-104
2011-03-30s3-auth: use auth.h where needed.Günther Deschner1-0/+1
Guenther
2011-03-30s3-build: only include intl protos where needed.Günther Deschner1-0/+1
Guenther
2011-03-30s3-includes: only include system/filesys.h when needed.Günther Deschner1-0/+1
Guenther
2011-03-30s3-includes: only include system/passwd.h when needed.Günther Deschner1-0/+1
Guenther
2011-03-24charcnv: removed the allow_badcharcnv and allow_bad_conv options to ↵Andrew Tridgell1-4/+4
convert_string*() we shouldn't accept bad multi-byte strings, it just hides problems Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Thu Mar 24 01:47:26 CET 2011 on sn-devel-104
2010-10-20Make getpwnam_alloc() static to lib/username.c, and ensure all username ↵Jeremy Allison1-2/+2
lookups go through Get_Pwnam_alloc(), which is the correct wrapper function. We were using it *some* of the time anyway, so this just makes us properly consistent. Jeremy. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Oct 20 16:02:12 UTC 2010 on sn-devel-104
2010-09-26s3: Remove talloc_autofree_context() from swatVolker Lendecke1-2/+2
In both cases, pass is freed immediately
2010-08-28s3: Lift smbd_server_fd() from pass_check()Volker Lendecke1-1/+7
2010-08-22s3: Move check_access to cgi.c, its only userVolker Lendecke1-0/+81
2010-08-16s3-auth: Remove obsolete 'update encrypted' option.Andreas Schneider1-3/+1
2010-08-14s3:auth Make Samba3 use the new common struct auth_usersupplied_infoAndrew Bartlett1-1/+1
This common structure will make it much easier to produce an auth module for s3compat that calls Samba4's auth subsystem. In order the make the link work properly (and not map twice), we mark both that we did try and map the user, as well as if we changed the user during the mapping. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-11-29s3: Fix an uninitialized variable referenceVolker Lendecke1-1/+2
2009-11-29s3: Fix some nonempty blank linesVolker Lendecke1-20/+20
2009-11-29s3: Pass fake_dir_create_times down to file_exist_stat, none of the callers ↵Volker Lendecke1-1/+2
look at the mtime
2009-11-29s3: "cgi_download" only looks at the mode and sizeVolker Lendecke1-1/+1
2009-11-29s3: Pass the "fake dir create times" parameter to sys_*statVolker Lendecke1-2/+1
Step 0 to restore it as a per-share paramter
2009-05-26Introduce "struct stat_ex" as a replacement for SMB_STRUCT_STATVolker Lendecke1-4/+4
This patch introduces struct stat_ex { dev_t st_ex_dev; ino_t st_ex_ino; mode_t st_ex_mode; nlink_t st_ex_nlink; uid_t st_ex_uid; gid_t st_ex_gid; dev_t st_ex_rdev; off_t st_ex_size; struct timespec st_ex_atime; struct timespec st_ex_mtime; struct timespec st_ex_ctime; struct timespec st_ex_btime; /* birthtime */ blksize_t st_ex_blksize; blkcnt_t st_ex_blocks; }; typedef struct stat_ex SMB_STRUCT_STAT; It is really large because due to the friendly libc headers playing macro tricks with fields like st_ino, so I renamed them to st_ex_xxx. Why this change? To support birthtime, we already have quite a few #ifdef's at places where it does not really belong. With a stat struct that we control, we can consolidate the nanosecond timestamps and the birthtime deep in the VFS stat calls. At this moment it is triggered by a request to support the birthtime field for GPFS. GPFS does not extend the system level struct stat, but instead has a separate call that gets us the additional information beyond posix. Without being able to do that within the VFS stat calls, that support would have to be scattered around the main smbd code. It will very likely break all the onefs modules, but I think the changes will be reasonably easy to do.
2009-04-14Convert Samba3 to use the common lib/util/charset APIAndrew Bartlett1-2/+2
This removes calls to push_*_allocate() and pull_*_allocate(), as well as convert_string_allocate, as they are not in the common API To allow transition to a common charcnv in future, provide Samba4-like strupper functions in source3/lib/charcnv.c (the actual implementation remains distinct, but the API is now shared) Andrew Bartlett
2008-12-30Fix more "ignore return value" warnings from gcc 4.3.Jeremy Allison1-1/+3
Jeremy
2008-11-06Make us clean under valgrind --leak-check=full by using ↵Jeremy Allison1-2/+2
talloc_autofree_context() instead of NULL. Remove the code in memcache that does a TALLOC_FREE on stored pointers. That's a disaster waiting to happen. If you're storing talloc'ed pointers, you can't know their lifecycle and they should be deleted when their parent context is deleted, so freeing them at some arbitrary point later will be a double-free. Jeremy.
2008-10-18Use separate make variables for libutil and libcrypto.Jelmer Vernooij1-1/+1
2008-10-11Cope with changed signature of http_timestring().Jelmer Vernooij1-2/+3
2008-06-03Fix saving of the config file in SWAT; [#5516].Andreas Schneider1-2/+2
The strlen of the source string passed to convert_string_allocate was too short :) Signed-off-by: Stefan Metzmacher <metze@samba.org> (This used to be commit ac3597ef8b7781499ab55f1039670ec82202e32c)
2008-04-11Cleanup size_t return values in convert_string_allocateTim Prouty1-4/+4
This patch is the first iteration of an inside-out conversion to cleanup functions in charcnv.c returning size_t == -1 to indicate failure. (This used to be commit 59124382d2894a1b194b48dd82bc5f956959eb48)
2008-01-23strtok -> strtok_rVolker Lendecke1-1/+3
(This used to be commit fd34ce437057bb34cdc37f4b066e424000d36789)
2007-12-03Make strhex_to_str clear on string limits. Remove pstring from web/*.cJeremy Allison1-16/+20
Jeremy. (This used to be commit f9c8d62389f8cb47837e5360209936176537df13)
2007-11-03I can't get away without a 'length' arg. :-).Jeremy Allison1-1/+1
Jeremy. (This used to be commit 95d01279a5def709d0a5d5ae7224d6286006d120)
2007-11-03Stop get_peer_addr() and client_addr() from using globalJeremy Allison1-1/+2
statics. Part of my library cleanups. Jeremy. (This used to be commit e848506c858bd16706c1d7f6b4b032005512b8ac)
2007-10-18RIP BOOL. Convert BOOL -> bool. I found a few interestingJeremy Allison1-6/+6
bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-11Add const to the get_peer_addr() and get_socket_addr()Jeremy Allison1-2/+2
calls. Use the IPv6 varient for get_peer_addr(). Jeremy. (This used to be commit baf1f52e34ae2465a7a34be1065da29ed97e7bea)
2007-10-10r23784: use the GPLv3 boilerplate as recommended by the FSF and the license textAndrew Tridgell1-2/+1
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
2007-10-10r23779: Change from v2 or later to v3 or later.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
2007-10-10r17873: Fix possible null deref found by Stanford checker.Jeremy Allison1-2/+3
Jeremy. (This used to be commit 1adb3b2432187e9a19b78cfa5762c3e05a357392)
2007-10-10r16426: Klocwork #1544, #1545, #1546, #1549, #1550, #1552, #1553, #1554Jeremy Allison1-0/+15
Jeremy. (This used to be commit e71cc6647a2eaba0eac95b6abb40745e45db72a4)
2007-10-10r13915: Fixed a very interesting class of realloc() bugs found by Coverity.Jeremy Allison1-1/+1
realloc can return NULL in one of two cases - (1) the realloc failed, (2) realloc succeeded but the new size requested was zero, in which case this is identical to a free() call. The error paths dealing with these two cases should be different, but mostly weren't. Secondly the standard idiom for dealing with realloc when you know the new size is non-zero is the following : tmp = realloc(p, size); if (!tmp) { SAFE_FREE(p); return error; } else { p = tmp; } However, there were *many* *many* places in Samba where we were using the old (broken) idiom of : p = realloc(p, size) if (!p) { return error; } which will leak the memory pointed to by p on realloc fail. This commit (hopefully) fixes all these cases by moving to a standard idiom of : p = SMB_REALLOC(p, size) if (!p) { return error; } Where if the realloc returns null due to the realloc failing or size == 0 we *guarentee* that the storage pointed to by p has been freed. This allows me to remove a lot of code that was dealing with the standard (more verbose) method that required a tmp pointer. This is almost always what you want. When a realloc fails you never usually want the old memory, you want to free it and get into your error processing asap. For the 11 remaining cases where we really do need to keep the old pointer I have invented the new macro SMB_REALLOC_KEEP_OLD_ON_ERROR, which can be used as follows : tmp = SMB_REALLOC_KEEP_OLD_ON_ERROR(p, size); if (!tmp) { SAFE_FREE(p); return error; } else { p = tmp; } SMB_REALLOC_KEEP_OLD_ON_ERROR guarentees never to free the pointer p, even on size == 0 or realloc fail. All this is done by a hidden extra argument to Realloc(), BOOL free_old_on_error which is set appropriately by the SMB_REALLOC and SMB_REALLOC_KEEP_OLD_ON_ERROR macros (and their array counterparts). It remains to be seen what this will do to our Coverity bug count :-). Jeremy. (This used to be commit 1d710d06a214f3f1740e80e0bffd6aab44aac2b0)
2007-10-10r13571: Replace all calls to talloc_free() with thye TALLOC_FREE()Gerald Carter1-3/+3
macro which sets the freed pointer to NULL. (This used to be commit b65be8874a2efe5a4b167448960a4fcf6bd995e2)
2007-10-10r13316: Let the carnage begin....Gerald Carter1-5/+5
Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2007-10-10r8219: Merge the new open code from HEAD to 3.0. Haven't yet run the tortureJeremy Allison1-0/+4
tests on this as it's very late NY time (just wanted to get this work into the tree). I'll test this over the weekend.... Jerry - in looking at the difference between the two trees there seem to be some printing/ntprinting.c and registry changes we might want to examine to try keep in sync. Jeremy. (This used to be commit c7fe18761e2c753afbffd3a78abff46472a9b8eb)
2007-10-10r4577: Fix from William Jojo <jojowil@hvcc.edu> for AIX 5.3 compile.Jeremy Allison1-2/+2
Jeremy. (This used to be commit 80e7c6c312eb0bdb93fe381e7ce3a24a21dd9cf0)
2007-10-10r4088: Get medieval on our ass about malloc.... :-). Take control of all our ↵Jeremy Allison1-10/+10
allocation functions so we can funnel through some well known functions. Should help greatly with malloc checking. HEAD patch to follow. Jeremy. (This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
2007-10-10r2835: Since we always have -I. and -I$(srcdir) in CFLAGS, we can get rid ofTim Potter1-1/+1
'..' from all #include preprocessor commands. This fixes bugzilla #1880 where OpenVMS gets confused about the '.' characters. (This used to be commit 7f161702fa4916979602cc0295919b541912acd6)
2007-10-10r2771: Second (and last) part of Swat-i18n-Patch from Björn JackeGünther Deschner1-6/+6
<bjacke@sernet.de> "Do not use display charset for swat output. In HTML we do not care about the "locale charmap" because HTML code is UTF-8 only now. Additionally take care that we convert files from statuspage from unix charset to UTF-8. Thus we have correct HTML output under all circumstances. We now also convert the share names correctly from unix encoding to web encoding and vice vera. " Guenther (This used to be commit 6d9f77c2bb95db4939b8ef375e22b188168b70ab)
2007-10-10r1833: patch from James Peach to get swat to look for index.html by default ↵Gerald Carter1-4/+24
when given a trailing directory/ (This used to be commit 980740da784ce00ad1b388872297b82d4d368044)
2004-03-11Restore the contract on all convert_stringXX() interfaces. Add a ↵Jeremy Allison1-4/+4
"allow_bad_conv" boolean parameter that allows broken iconv conversions to work. Gets rid of the nasty errno checks in mangle_hash2 and check_path_syntax and allows correct return code checking. Jeremy. (This used to be commit 7b96765c23637613f079d37566d95d5edd511f05)
2004-02-08Make more functions static, and remove duplication in the use of functionsAndrew Bartlett1-1/+1
in lib/smbpasswd.c that were exact duplicates of functions in passdb/passdb.c (These should perhaps be pulled back out to smbpasswd.c, but that can occour later). Andrew Bartlett (This used to be commit fcdc5efb1e245c8fa95cd031f67ec56093b9056e)