Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2011-07-27 | s3-spoolss: Use tmp_ctx in winreg_printer_enumforms1_internal. | Andreas Schneider | 1 | -5/+18 | |
2011-07-27 | s3-spoolss: Use tmp_ctx in winreg_set_printer_secdesc_internal. | Andreas Schneider | 1 | -5/+18 | |
2011-07-27 | s3-spoolss: Use tmp_ctx in winreg_get_printer_secdesc_internal. | Andreas Schneider | 1 | -5/+18 | |
2011-07-27 | s3-spoolss: Use tmp_ctx in winreg_add_driver_internal. | Andreas Schneider | 1 | -6/+19 | |
2011-07-27 | s3-spoolss: Use tmp_ctx in winreg_del_driver_internal. | Andreas Schneider | 1 | -5/+18 | |
2011-07-27 | s3-spoolss: Use tmp_ctx in winreg_get_driver_list_internal. | Andreas Schneider | 1 | -7/+20 | |
2011-07-27 | s3-spoolss: Use tmp_ctx in winreg_get_driver_internal. | Andreas Schneider | 1 | -7/+20 | |
2011-07-27 | s3-spoolss: Use tmp_ctx in winreg_delete_printer_dataex_internal. | Andreas Schneider | 1 | -6/+19 | |
2011-07-27 | s3-spoolss: Use tmp_ctx in winreg_get_printer_dataex_internal. | Andreas Schneider | 1 | -9/+22 | |
2011-07-27 | s3-spoolss: Use tmp_ctx in winreg_enum_printer_dataex_internal. | Andreas Schneider | 1 | -7/+20 | |
2011-07-27 | s3-spoolss: Use tmp_ctx in winreg_set_printer_dataex_internal. | Andreas Schneider | 1 | -9/+22 | |
2011-07-27 | s3-spoolss: Use tmp_ctx in winreg_update_printer_internal. | Andreas Schneider | 1 | -8/+21 | |
2011-07-27 | s3-spoolss: Use tmp_ctx in winreg_create_printer_internal. | Andreas Schneider | 1 | -4/+17 | |
2011-07-27 | s3-spoolss: Use tmp_ctx in winreg_get_printer_internal. | Andreas Schneider | 1 | -5/+17 | |
2011-07-27 | s3-spoolss: Use tmp_ctx in winreg_printer_get_changeid_internal. | Andreas Schneider | 1 | -5/+18 | |
2011-07-27 | s3-spoolss: Use tmp_ctx in winreg_printer_update_changeid_internal. | Andreas Schneider | 1 | -4/+17 | |
2011-07-27 | s3-spoolss: Use tmp_ctx in winreg_delete_printer_key_internal. | Andreas Schneider | 1 | -5/+18 | |
2011-07-27 | s3-spoolss: Free local in winreg_printer_binding_handle. | Andreas Schneider | 1 | -0/+1 | |
2011-07-27 | s3-spoolss: Improve memory efficiency. | Simo Sorce | 1 | -158/+242 | |
p->mem_ctx is a relatively long lived context as it will not be freed until a full request is served. In spoolss we do a lot of operations including opening new pipes to connect to winreg. Use more shortlived temporary contexts to avoid leaking a lot of memory on p->mem_ctx and carrying it around untill all the operations in the current call are done. Signed-off-by: Andreas Schneider <asn@samba.org> | |||||
2011-07-27 | s3-rpc_client: Fix memory context in winreg_enum_printer_dataex(). | Andreas Schneider | 1 | -3/+2 | |
2011-07-27 | s3-rpc_client: Close policy handles before creating defaults. | Andreas Schneider | 1 | -0/+15 | |
We reopen the hive and key so close them before reopen. | |||||
2011-07-27 | s3-rpc_client: Close the hive handle before we open it again. | Andreas Schneider | 1 | -9/+13 | |
2011-07-27 | s3-rpc_client: Close hive if opening of the key fails. | Andreas Schneider | 1 | -1/+11 | |
2011-07-27 | s3-rpc_server: Copy correct local tsocket address. | Andreas Schneider | 1 | -1/+1 | |
2011-07-27 | s3:idmap_tdb2: remove the undocumented option of the silly name "tdb:idmap2.tdb" | Michael Adam | 1 | -5/+1 | |
In ancient times, when ctdb had not support for persistent databases and tdb2 was introduced as a two-layer solution and it was more important than today to be able to change the location of the permanent database file because it had to reside on shared storage. But these were times when idmap_tdb2 was not even officially released. Nowadays, with ctdb handling the persistent idmap2.tdb database, the path is stripped anyways, so this undocumented option has become unnecessary and is hence removed. Autobuild-User: Michael Adam <obnox@samba.org> Autobuild-Date: Wed Jul 27 05:37:57 CEST 2011 on sn-devel-104 | |||||
2011-07-27 | s3:idmap_tdb2: remove a legacy comment | Michael Adam | 1 | -1/+0 | |
2011-07-27 | s3:idmap_tdb2: remove legacy comment | Michael Adam | 1 | -2/+0 | |
2011-07-27 | s3:idmap_tdb2: remove superfluous initialization with bogus comment | Michael Adam | 1 | -3/+0 | |
2011-07-27 | s3:idmap_tdb2: fix a legacy comment that does not apply any more | Michael Adam | 1 | -2/+1 | |
2011-07-27 | s3:idmap_tdb2: deprecate the idmap:script parameter and use "idmap config * ↵ | Michael Adam | 1 | -18/+21 | |
: script" instead With this patch, "idmap config * : script" will override "idmap : script". If "idmap : script" is present, a deprecation warning will be printed in any case. If "idmap config * : script" is not set, then the value of "idmap :script" will be used for backwards compatibility. | |||||
2011-07-27 | Fix bug #8324 - smbclient cannot list directories from a big-endian machine. | Jeremy Allison | 1 | -2/+2 | |
Two uses of the setup array are not being correctly byte-swapped to little endian. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Jul 27 03:14:48 CEST 2011 on sn-devel-104 | |||||
2011-07-27 | s3: cli_close_done->write_andx_done in test_async_echo | Volker Lendecke | 1 | -2/+2 | |
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Wed Jul 27 02:03:49 CEST 2011 on sn-devel-104 | |||||
2011-07-27 | s3: Fix a debug message | Volker Lendecke | 1 | -1/+1 | |
2011-07-27 | s3: Fix formatting | Volker Lendecke | 1 | -2/+4 | |
2011-07-27 | s3: Fix an error message | Volker Lendecke | 1 | -1/+1 | |
2011-07-27 | s3: Fix async smb handling | Volker Lendecke | 2 | -9/+22 | |
In cli_echo with more than one response we ended up with more than one read_smb request. One from the call to cli_smb_req_set_pending called from cli_smb_received. The other one from cli_smb_received itself. I don't really see another way to deal with this than to hold the read_smb request in the cli_state. Metze, please check! Volker | |||||
2011-07-26 | s3 swat: Create random nonce in CGI mode | Kai Blin | 1 | -1/+19 | |
In CGI mode, we don't get access to the user's password, which would reduce the hash used so far to parameters an attacker can easily guess. To work around this, read the nonce from secrets.tdb or generate one if it's not there. Also populate the C_user field so we can use that for token creation. Signed-off-by: Kai Blin <kai@samba.org> Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Tue Jul 26 23:33:24 CEST 2011 on sn-devel-104 | |||||
2011-07-26 | s3 swat: Add time component to XSRF token | Kai Blin | 2 | -5/+25 | |
Signed-off-by: Kai Blin <kai@samba.org> | |||||
2011-07-26 | s3 swat: Add XSRF protection to printer page | Kai Blin | 1 | -10/+18 | |
Signed-off-by: Kai Blin <kai@samba.org> | |||||
2011-07-26 | s3 swat: Add XSRF protection to password page | Kai Blin | 1 | -3/+8 | |
Signed-off-by: Kai Blin <kai@samba.org> | |||||
2011-07-26 | s3 swat: Add XSRF protection to shares page | Kai Blin | 1 | -5/+13 | |
Signed-off-by: Kai Blin <kai@samba.org> | |||||
2011-07-26 | s3 swat: Add XSRF protection to globals page | Kai Blin | 1 | -0/+7 | |
Signed-off-by: Kai Blin <kai@samba.org> | |||||
2011-07-26 | s3 swat: Add XSRF protection to wizard page | Kai Blin | 1 | -0/+7 | |
Signed-off-by: Kai Blin <kai@samba.org> | |||||
2011-07-26 | s3 swat: Add XSRF protection to wizard_params page | Kai Blin | 1 | -0/+7 | |
Signed-off-by: Kai Blin <kai@samba.org> | |||||
2011-07-26 | s3 swat: Add XSRF protection to viewconfig page | Kai Blin | 1 | -0/+7 | |
Signed-off-by: Kai Blin <kai@samba.org> | |||||
2011-07-26 | s3 swat: Add XSRF protection to status page | Kai Blin | 1 | -0/+7 | |
Signed-off-by: Kai Blin <kai@samba.org> | |||||
2011-07-26 | s3 swat: Add support for anti-XSRF token | Kai Blin | 2 | -0/+59 | |
2011-07-26 | s3 swat: Allow getting the user's HTTP auth password | Kai Blin | 2 | -0/+10 | |
Signed-off-by: Kai Blin <kai@samba.org> | |||||
2011-07-26 | s3-swat: Fix typo. | Karolin Seeger | 1 | -1/+1 | |
Thanks to Simo for reporting! Karolin (cherry picked from commit 9f73c1990a19daa899fa5345530a867e69a5be94) (cherry picked from commit bcb052c29212954a3ed10c9f095c51e4e0a96af5) | |||||
2011-07-26 | s3 swat: Fix possible XSS attack (bug #8289) | Kai Blin | 1 | -12/+2 | |
Nobuhiro Tsuji of NTT DATA SECURITY CORPORATION reported a possible XSS attack against SWAT, the Samba Web Administration Tool. The attack uses reflection to insert arbitrary content into the "change password" page. This patch fixes the reflection issue by not printing user-specified content on the website anymore. Signed-off-by: Kai Blin <kai@samba.org> |