Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
swat doesn't have a central event loop.
metze
|
|
|
|
metze
|
|
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Thu Sep 8 10:21:50 CEST 2011 on sn-devel-104
|
|
This is more portable, as we have a strtoll replacement
in lib/replace.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sat Aug 6 11:55:45 CEST 2011 on sn-devel-104
|
|
SLES 9's glibc for example had weird macros where the use of strncat resulted
in the use of strcat which we don't allow.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Björn Jacke <bj@sernet.de>
Autobuild-Date: Thu Aug 4 17:50:24 CEST 2011 on sn-devel-104
|
|
In CGI mode, we don't get access to the user's password, which would
reduce the hash used so far to parameters an attacker can easily guess.
To work around this, read the nonce from secrets.tdb or generate one if
it's not there.
Also populate the C_user field so we can use that for token creation.
Signed-off-by: Kai Blin <kai@samba.org>
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Tue Jul 26 23:33:24 CEST 2011 on sn-devel-104
|
|
Signed-off-by: Kai Blin <kai@samba.org>
|
|
Signed-off-by: Kai Blin <kai@samba.org>
|
|
Signed-off-by: Kai Blin <kai@samba.org>
|
|
Signed-off-by: Kai Blin <kai@samba.org>
|
|
Signed-off-by: Kai Blin <kai@samba.org>
|
|
Signed-off-by: Kai Blin <kai@samba.org>
|
|
Signed-off-by: Kai Blin <kai@samba.org>
|
|
Signed-off-by: Kai Blin <kai@samba.org>
|
|
Signed-off-by: Kai Blin <kai@samba.org>
|
|
|
|
Signed-off-by: Kai Blin <kai@samba.org>
|
|
Thanks to Simo for reporting!
Karolin
(cherry picked from commit 9f73c1990a19daa899fa5345530a867e69a5be94)
(cherry picked from commit bcb052c29212954a3ed10c9f095c51e4e0a96af5)
|
|
Nobuhiro Tsuji of NTT DATA SECURITY CORPORATION reported a possible XSS attack
against SWAT, the Samba Web Administration Tool. The attack uses reflection to
insert arbitrary content into the "change password" page.
This patch fixes the reflection issue by not printing user-specified content on
the website anymore.
Signed-off-by: Kai Blin <kai@samba.org>
|
|
Remove
int toupper_ascii(int c);
int tolower_ascii(int c);
int isupper_ascii(int c);
int islower_ascii(int c);
and replace with their _m equivalents, as they are identical.
|
|
Jermey started this in 1997 with 0aa493cc0303aa4177f289b9e4c797c8fa180672
(avoiding the duplicate function makes it easier to generate the
struct loadparm_globals).
Andrew Bartlett
|
|
This defines a common table format, so we can in future define a
common table.
Andrew Bartlett
|
|
This will help with a change from .ptr to .offset
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed Jun 29 03:26:21 CEST 2011 on sn-devel-104
|
|
These calls only ever output ASCII strings (protocol strings and
debugging), and never user content, so make it clear that these don't
need to be converted into UTF8.
Andrew Bartlett
|
|
There is no reason this can't be a normal constant string in the
loadparm system, now that we have lp_set_cmdline() to handle overrides
correctly.
Andrew Bartlett
|
|
Using the standard macro makes it easier to move code into common, as
TALLOC_ARRAY isn't standard talloc.
|
|
|
|
Guenther
|
|
|
|
|
|
Makes these interfaces much harder to misuse and easier to ensure error
checking.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Mar 30 23:59:37 CEST 2011 on sn-devel-104
|
|
Guenther
|
|
Will later become part of locking.h
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
convert_string*()
we shouldn't accept bad multi-byte strings, it just hides problems
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Thu Mar 24 01:47:26 CET 2011 on sn-devel-104
|
|
cont_fn() was supposed to be a way to continue after a seg fault. It
could never be called however, as smb_panic() from fault_report()
could never return, as dump_core() never returns at the end of
smb_panic()
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Tue Mar 22 05:07:58 CET 2011 on sn-devel-104
|
|
Guenther
|
|
|
|
|
|
Since commit 7022554, smbds share a printcap cache (printer_list.tdb),
therefore ordering of events between smbd processes is important when
updating printcap cache information. Consider the following two process
example:
1) smbd1 receives HUP or printcap cache time expiry
2) smbd1 checks whether pcap needs refresh, it does
3) smbd1 marks pcap as refreshed
4) smbd1 forks child1 to obtain cups printer info
5) smbd2 receives HUP or printcap cache time expiry
6) smbd2 checks whether pcap needs refresh, it does not (due to step 3)
7) smbd2 reloads printer shares prior to child1 completion (stale pcap)
8) child1 completion, pcap cache (printer_list.tdb) is updated by smbd1
9) smbd1 reloads printer shares based on new pcap information
In this case both smbd1 and smbd2 are reliant on the pcap update
performed on child1 completion.
The prior commit "reload shares after pcap cache fill" ensures that
smbd1 only reloads printer shares following pcap update, however smbd2
continues to present shares based on stale pcap data.
This commit addresses the above problem by driving pcap cache and
printer share updates from the parent smbd process.
1) smbd0 (parent) receives a HUP or printcap cache time expiry
2) smbd0 forks child0 to obtain cups printer info
3) child0 completion, pcap cache (printer_list.tdb) is updated by smbd0
4) smbd0 reloads printer shares
5) smbd0 notifies child smbds of pcap update via message_send_all()
6) child smbds read fresh pcap data and reload printer shares
This architecture has the additional advantage that only a single
process (the parent smbd) requests printer information from the printcap
backend.
Use time_mono in housekeeping functions As suggested by Björn Jacke.
|