summaryrefslogtreecommitdiff
path: root/source3
AgeCommit message (Collapse)AuthorFilesLines
2011-07-26s3 swat: Create random nonce in CGI modeKai Blin1-1/+19
In CGI mode, we don't get access to the user's password, which would reduce the hash used so far to parameters an attacker can easily guess. To work around this, read the nonce from secrets.tdb or generate one if it's not there. Also populate the C_user field so we can use that for token creation. Signed-off-by: Kai Blin <kai@samba.org> Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Tue Jul 26 23:33:24 CEST 2011 on sn-devel-104
2011-07-26s3 swat: Add time component to XSRF tokenKai Blin2-5/+25
Signed-off-by: Kai Blin <kai@samba.org>
2011-07-26s3 swat: Add XSRF protection to printer pageKai Blin1-10/+18
Signed-off-by: Kai Blin <kai@samba.org>
2011-07-26s3 swat: Add XSRF protection to password pageKai Blin1-3/+8
Signed-off-by: Kai Blin <kai@samba.org>
2011-07-26s3 swat: Add XSRF protection to shares pageKai Blin1-5/+13
Signed-off-by: Kai Blin <kai@samba.org>
2011-07-26s3 swat: Add XSRF protection to globals pageKai Blin1-0/+7
Signed-off-by: Kai Blin <kai@samba.org>
2011-07-26s3 swat: Add XSRF protection to wizard pageKai Blin1-0/+7
Signed-off-by: Kai Blin <kai@samba.org>
2011-07-26s3 swat: Add XSRF protection to wizard_params pageKai Blin1-0/+7
Signed-off-by: Kai Blin <kai@samba.org>
2011-07-26s3 swat: Add XSRF protection to viewconfig pageKai Blin1-0/+7
Signed-off-by: Kai Blin <kai@samba.org>
2011-07-26s3 swat: Add XSRF protection to status pageKai Blin1-0/+7
Signed-off-by: Kai Blin <kai@samba.org>
2011-07-26s3 swat: Add support for anti-XSRF tokenKai Blin2-0/+59
2011-07-26s3 swat: Allow getting the user's HTTP auth passwordKai Blin2-0/+10
Signed-off-by: Kai Blin <kai@samba.org>
2011-07-26s3-swat: Fix typo.Karolin Seeger1-1/+1
Thanks to Simo for reporting! Karolin (cherry picked from commit 9f73c1990a19daa899fa5345530a867e69a5be94) (cherry picked from commit bcb052c29212954a3ed10c9f095c51e4e0a96af5)
2011-07-26s3 swat: Fix possible XSS attack (bug #8289)Kai Blin1-12/+2
Nobuhiro Tsuji of NTT DATA SECURITY CORPORATION reported a possible XSS attack against SWAT, the Samba Web Administration Tool. The attack uses reflection to insert arbitrary content into the "change password" page. This patch fixes the reflection issue by not printing user-specified content on the website anymore. Signed-off-by: Kai Blin <kai@samba.org>
2011-07-26s3-build: Only define ldb3 when not in standalone build.Jelmer Vernooij1-4/+3
This prevents errors about it by 'make SYMBOLCHECK=1' if there is a system ldb present. Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Tue Jul 26 18:21:48 CEST 2011 on sn-devel-104
2011-07-26s3:lib change default share security access maskChristian Ambach1-3/+3
when there is no share SD set, the default share SD that is used e.g. for the output of sharesec -v defaults to a value that is not equivalent to the desired FULL access. This is a more or less a cosmetical follow-up for the patches in Bug #8201 that makes them more consumeable by printing FULL (that is what the user expects) instead of a bitmask in hexadecimal form. previous output: REVISION:1 OWNER:(NULL SID) GROUP:(NULL SID) ACL:S-1-1-0:ALLOWED/0/0x101f01ff with patch: REVISION:1 OWNER:(NULL SID) GROUP:(NULL SID) ACL:S-1-1-0:ALLOWED/0/FULL Autobuild-User: Christian Ambach <ambi@samba.org> Autobuild-Date: Tue Jul 26 15:57:55 CEST 2011 on sn-devel-104
2011-07-26libsamba-util: Build in libbitmap.Jelmer Vernooij1-1/+1
Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Tue Jul 26 14:45:27 CEST 2011 on sn-devel-104
2011-07-26cli_smb_common: Lowercase name.Jelmer Vernooij1-3/+3
2011-07-26cli_cldap: Lowercase name.Jelmer Vernooij1-1/+1
2011-07-26cli_spools: Lowercase name.Jelmer Vernooij1-5/+5
2011-07-26s3: Fix MIT trustsVolker Lendecke1-0/+5
Winbind can't really cope with trusts that don't have a SID associated. This happens with external MIT trusts for example. This filters them out when sending the trust list from child to parent. Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Tue Jul 26 11:39:53 CEST 2011 on sn-devel-104
2011-07-24s3-utils/net_rpc_printer.c: fix error messageBjörn Baumbach1-2/+2
Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Sun Jul 24 19:01:47 CEST 2011 on sn-devel-104
2011-07-24s3: Fix Coverity ID 2596, REVERSE_INULLVolker Lendecke1-1/+2
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Sun Jul 24 16:37:19 CEST 2011 on sn-devel-104
2011-07-23charset: Make name lowercase everywhere.Jelmer Vernooij1-3/+3
2011-07-23s3:libsmb: cli_set_secdesc() only needs a const struct security_descriptorStefan Metzmacher2-2/+2
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Sat Jul 23 11:08:19 CEST 2011 on sn-devel-104
2011-07-23s3:libsmb: remove unused cli_query_secdesc_old()Stefan Metzmacher2-50/+0
metze
2011-07-23s3:libsmb_xattr: make use of the new cli_query_secdesc()Stefan Metzmacher1-13/+13
metze
2011-07-23s3-utils/net_rpc.c: replace cli_query_secdesc_old()Björn Baumbach1-1/+1
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-07-23s3-utils/net_rpc_printer.c: replace cli_query_secdesc_old()Björn Baumbach1-4/+4
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-07-23s3-utils/smbcacls.c: replace cli_query_secdesc_old()Björn Baumbach1-3/+4
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-07-23s3-client/client.c: replace cli_query_secdesc_old()Björn Baumbach1-5/+5
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-07-23s3-torture: run_nttrans_create(): replace cli_query_secdesc_old()Björn Baumbach1-1/+1
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-07-23s3-libsmb: introduce new cli_query_secdesc() which returns NTSTATUSBjörn Baumbach2-0/+52
Replacement for cli_query_secdesc_old() Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-07-23s3-libsmb: rename cli_query_secdesc() to cli_query_secdesc_old()Björn Baumbach8-9/+9
Will introduce new cli_query_secdesc() function Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-07-23s3-libsmb: finally remove cli_read_old()Björn Baumbach2-16/+0
Replaced by new cli_read() which returns NTSTATUS instead of ssize_t. Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-07-23s3-libsmb/libsmb_file.c: replace cli_read_old() with cli_read()Björn Baumbach1-5/+5
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-07-23s3-torture/nbio.c: replace cli_read_old() with cli_read()Björn Baumbach1-4/+15
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-07-23s3-torture/utable.c: replace cli_read_old() with cli_read()Björn Baumbach1-1/+1
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-07-23s3-utils/net_rpc_printer.c: print more info on write errorBjörn Baumbach1-2/+5
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-07-23s3-utils/net_rpc_printer.c: return on read error in net_copy_file()Björn Baumbach1-4/+13
replace cli_read_old() with cli_read() Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-07-23s3-torture/denytest.c: replace cli_read_old() with cli_read()Björn Baumbach1-6/+14
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-07-23s3-libgpo/gpo_filesync.c: return on read errorBjörn Baumbach1-2/+6
replace cli_read_old() with cli_read() Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-07-23s3-client/clitar.c: replace cli_read_old() with cli_read()Björn Baumbach1-5/+4
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-07-23s3-torture: run_oplock2(): replace cli_read_old() with cli_read()Björn Baumbach1-5/+10
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-07-23s3-torture: run_fdsesstest(): replace cli_read_old() with cli_read()Björn Baumbach1-8/+7
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-07-23s3-torture: run_fdpasstest(): replace cli_read_old() with cli_read()Björn Baumbach1-4/+3
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-07-23s3-torture: run_locktest7(): replace cli_read_old() with cli_read()Stefan Metzmacher1-11/+34
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-07-23s3-torture: run_locktest7(): goto fail on read errorStefan Metzmacher1-0/+1
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-07-23Fix bug 8314] - smbd crash with unknown user.Jeremy Allison1-4/+11
All other auth modules code with being called with auth_method->private_data being NULL, make the auth_server module cope with this too. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Sat Jul 23 02:55:01 CEST 2011 on sn-devel-104
2011-07-22s3:libsmb: move cli_state->desthost to cli_state->conn.remote_nameStefan Metzmacher3-7/+6
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Fri Jul 22 18:17:41 CEST 2011 on sn-devel-104
generated by cgit (git 2.34.1) at 2025-01-23 22:42:18 +0000