Kai Blin [Thu, 7 Jul 2011 08:03:33 +0000 (10:03 +0200)]
s3 swat: Fix possible XSS attack (bug #8289)
Nobuhiro Tsuji of NTT DATA SECURITY CORPORATION reported a possible XSS attack
against SWAT, the Samba Web Administration Tool. The attack uses reflection to
insert arbitrary content into the "change password" page.
This patch fixes the reflection issue by not printing user-specified content on
the website anymore.
Signed-off-by: Kai Blin <kai@samba.org>
Jelmer Vernooij [Tue, 26 Jul 2011 19:07:20 +0000 (21:07 +0200)]
talloc: Support PYTHON environment variable.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Tue Jul 26 22:21:30 CEST 2011 on sn-devel-104
Jelmer Vernooij [Tue, 26 Jul 2011 13:21:02 +0000 (15:21 +0200)]
s3-build: Only define ldb3 when not in standalone build.
This prevents errors about it by 'make SYMBOLCHECK=1' if there is a
system ldb present.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Tue Jul 26 18:21:48 CEST 2011 on sn-devel-104
Jelmer Vernooij [Tue, 26 Jul 2011 11:32:39 +0000 (13:32 +0200)]
shares: Remove dependencies on share modules.
The build system will already pull these in - if necessary.
Stefan Metzmacher [Tue, 26 Jul 2011 12:23:34 +0000 (14:23 +0200)]
s4:samba-tool: ldapcmp needs CredentialsOptionsDouble
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue Jul 26 17:09:32 CEST 2011 on sn-devel-104
Christian Ambach [Tue, 26 Jul 2011 11:43:14 +0000 (13:43 +0200)]
s3:lib change default share security access mask
when there is no share SD set, the default share SD that
is used e.g. for the output of sharesec -v defaults to a
value that is not equivalent to the desired FULL access.
This is a more or less a cosmetical follow-up for the patches
in Bug #8201 that makes them more consumeable by printing
FULL (that is what the user expects) instead of a bitmask
in hexadecimal form.
previous output:
REVISION:1
OWNER:(NULL SID)
GROUP:(NULL SID)
ACL:S-1-1-0:ALLOWED/0/0x101f01ff
with patch:
REVISION:1
OWNER:(NULL SID)
GROUP:(NULL SID)
ACL:S-1-1-0:ALLOWED/0/FULL
Autobuild-User: Christian Ambach <ambi@samba.org>
Autobuild-Date: Tue Jul 26 15:57:55 CEST 2011 on sn-devel-104
Jelmer Vernooij [Tue, 26 Jul 2011 11:29:00 +0000 (13:29 +0200)]
libsamba-util: Build in libbitmap.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Tue Jul 26 14:45:27 CEST 2011 on sn-devel-104
Jelmer Vernooij [Mon, 25 Jul 2011 20:32:12 +0000 (22:32 +0200)]
policy: Rename to samba-policy to avoid name space clashes.
Jelmer Vernooij [Mon, 25 Jul 2011 20:27:17 +0000 (22:27 +0200)]
cli_composite: Lowercase name.
Jelmer Vernooij [Mon, 25 Jul 2011 19:24:35 +0000 (21:24 +0200)]
cli_smb_common: Lowercase name.
Jelmer Vernooij [Mon, 25 Jul 2011 19:24:20 +0000 (21:24 +0200)]
cli_cldap: Lowercase name.
Jelmer Vernooij [Mon, 25 Jul 2011 19:23:31 +0000 (21:23 +0200)]
cli_spools: Lowercase name.
Volker Lendecke [Mon, 25 Jul 2011 10:38:27 +0000 (12:38 +0200)]
s3: Fix MIT trusts
Winbind can't really cope with trusts that don't have a SID associated. This
happens with external MIT trusts for example. This filters them out when
sending the trust list from child to parent.
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Tue Jul 26 11:39:53 CEST 2011 on sn-devel-104
Stefan Metzmacher [Mon, 25 Jul 2011 08:06:47 +0000 (10:06 +0200)]
s4:kdc: canonicalize the principal if HDB_F_FOR_TGS_REQ is given
Windows seems to always canonicalize the principal in TGS replies.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue Jul 26 03:25:06 CEST 2011 on sn-devel-104
Stefan Metzmacher [Mon, 25 Jul 2011 09:06:18 +0000 (11:06 +0200)]
s4:heimdal_build: hdb.asn1 needs --sequence=HDB-Ext-KeySet --sequence=Keys
metze
Stefan Metzmacher [Mon, 25 Jul 2011 16:51:53 +0000 (18:51 +0200)]
Jeremy Allison [Mon, 25 Jul 2011 20:37:32 +0000 (13:37 -0700)]
Fix typo Loggs -> Logs.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Mon Jul 25 23:49:04 CEST 2011 on sn-devel-104
Michael Adam [Mon, 25 Jul 2011 09:46:33 +0000 (11:46 +0200)]
s3:docs: document the smbclient "tid" command
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Mon Jul 25 13:14:57 CEST 2011 on sn-devel-104
Michael Adam [Mon, 25 Jul 2011 09:44:39 +0000 (11:44 +0200)]
s3:docs: document the smbclient "tdis" command
Michael Adam [Mon, 25 Jul 2011 09:42:00 +0000 (11:42 +0200)]
s3:docs: document the smbclient "tcon" command
Michael Adam [Mon, 25 Jul 2011 09:39:04 +0000 (11:39 +0200)]
s3:docs: document the smbclient "logoff" command
Rusty Russell [Mon, 25 Jul 2011 08:48:27 +0000 (18:18 +0930)]
lib/ccan: update to
init-1192-gdd04041
This imports licensing clarifications and updates as discussed on
samba-technical ("Subject: Re: ccan code breaks older build farm
systems").
In particular, the recent version have per-file license markers, and
some modules are relicenced more liberally: in particular Simo pointed
out that htable was GPL, and indirectly included by libtdb2, which
would have made that GPL as well.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Autobuild-User: Rusty Russell <rusty@rustcorp.com.au>
Autobuild-Date: Mon Jul 25 12:03:40 CEST 2011 on sn-devel-104
Rusty Russell [Mon, 25 Jul 2011 08:37:11 +0000 (18:07 +0930)]
lib/ccan: add README
README points out that these code snippets have their own licenses,
and that their home is elsewhere.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Stefan Metzmacher [Sun, 24 Jul 2011 20:02:21 +0000 (22:02 +0200)]
s4:auth/kerberos: activate windows related krb5 flags
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Jul 25 09:45:01 CEST 2011 on sn-devel-104
Stefan Metzmacher [Sun, 24 Jul 2011 21:09:19 +0000 (23:09 +0200)]
s4:heimdal: build samba4kgetcred
metze
Björn Baumbach [Sun, 24 Jul 2011 07:09:59 +0000 (09:09 +0200)]
s3-utils/net_rpc_printer.c: fix error message
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sun Jul 24 19:01:47 CEST 2011 on sn-devel-104
Volker Lendecke [Sun, 24 Jul 2011 13:21:32 +0000 (15:21 +0200)]
s3: Fix Coverity ID 2596, REVERSE_INULL
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Sun Jul 24 16:37:19 CEST 2011 on sn-devel-104
Jelmer Vernooij [Fri, 22 Jul 2011 19:18:32 +0000 (21:18 +0200)]
cli_raw: Make name lowercase.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sat Jul 23 23:20:51 CEST 2011 on sn-devel-104
Jelmer Vernooij [Fri, 22 Jul 2011 16:33:31 +0000 (18:33 +0200)]
charset: Make name lowercase everywhere.
Jelmer Vernooij [Fri, 22 Jul 2011 10:44:59 +0000 (12:44 +0200)]
wafsamba: Properly lock object store when retrieving version through Bazaar.
Jelmer Vernooij [Mon, 18 Jul 2011 08:37:21 +0000 (10:37 +0200)]
remove the fedora package, and point at the repository instead
Jelmer Vernooij [Sun, 17 Jul 2011 11:33:03 +0000 (13:33 +0200)]
README.Coding: Mention that PEP8 is the standard for Python code.
Almost all of our existing code is PEP8, and virtually every other free software
project in Python uses PEP8.
Jelmer Vernooij [Sun, 17 Jul 2011 11:29:32 +0000 (13:29 +0200)]
update TODO: net has been renamed to samba-tool.
Jelmer Vernooij [Sun, 17 Jul 2011 11:28:21 +0000 (13:28 +0200)]
scripting/bin: Some formatting fixes.
Stefan Metzmacher [Sat, 23 Jul 2011 07:55:06 +0000 (09:55 +0200)]
s3:libsmb: cli_set_secdesc() only needs a const struct security_descriptor
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sat Jul 23 11:08:19 CEST 2011 on sn-devel-104
Stefan Metzmacher [Sat, 23 Jul 2011 07:54:31 +0000 (09:54 +0200)]
libcli/security: add some const to marshall_sec_desc[_buf]()
metze
Stefan Metzmacher [Sat, 23 Jul 2011 07:54:04 +0000 (09:54 +0200)]
s3:libsmb: remove unused cli_query_secdesc_old()
metze
Stefan Metzmacher [Sat, 23 Jul 2011 07:43:32 +0000 (09:43 +0200)]
s3:libsmb_xattr: make use of the new cli_query_secdesc()
metze
Björn Baumbach [Fri, 22 Jul 2011 15:07:30 +0000 (17:07 +0200)]
s3-utils/net_rpc.c: replace cli_query_secdesc_old()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Fri, 22 Jul 2011 15:00:23 +0000 (17:00 +0200)]
s3-utils/net_rpc_printer.c: replace cli_query_secdesc_old()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Fri, 22 Jul 2011 14:56:04 +0000 (16:56 +0200)]
s3-utils/smbcacls.c: replace cli_query_secdesc_old()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Fri, 22 Jul 2011 14:51:10 +0000 (16:51 +0200)]
s3-client/client.c: replace cli_query_secdesc_old()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Fri, 22 Jul 2011 13:50:13 +0000 (15:50 +0200)]
s3-torture: run_nttrans_create(): replace cli_query_secdesc_old()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Fri, 22 Jul 2011 13:11:31 +0000 (15:11 +0200)]
s3-libsmb: introduce new cli_query_secdesc() which returns NTSTATUS
Replacement for cli_query_secdesc_old()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Fri, 22 Jul 2011 13:02:23 +0000 (15:02 +0200)]
s3-libsmb: rename cli_query_secdesc() to cli_query_secdesc_old()
Will introduce new cli_query_secdesc() function
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Fri, 22 Jul 2011 12:23:56 +0000 (14:23 +0200)]
s3-libsmb: finally remove cli_read_old()
Replaced by new cli_read() which returns NTSTATUS instead of ssize_t.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Fri, 22 Jul 2011 12:22:29 +0000 (14:22 +0200)]
s3-libsmb/libsmb_file.c: replace cli_read_old() with cli_read()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Fri, 22 Jul 2011 12:01:12 +0000 (14:01 +0200)]
s3-torture/nbio.c: replace cli_read_old() with cli_read()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Fri, 22 Jul 2011 11:46:57 +0000 (13:46 +0200)]
s3-torture/utable.c: replace cli_read_old() with cli_read()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Fri, 22 Jul 2011 11:44:49 +0000 (13:44 +0200)]
s3-utils/net_rpc_printer.c: print more info on write error
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Fri, 22 Jul 2011 11:39:05 +0000 (13:39 +0200)]
s3-utils/net_rpc_printer.c: return on read error in net_copy_file()
replace cli_read_old() with cli_read()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Fri, 22 Jul 2011 11:06:13 +0000 (13:06 +0200)]
s3-torture/denytest.c: replace cli_read_old() with cli_read()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Fri, 22 Jul 2011 10:44:56 +0000 (12:44 +0200)]
s3-libgpo/gpo_filesync.c: return on read error
replace cli_read_old() with cli_read()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Fri, 22 Jul 2011 10:35:03 +0000 (12:35 +0200)]
s3-client/clitar.c: replace cli_read_old() with cli_read()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Fri, 22 Jul 2011 10:29:59 +0000 (12:29 +0200)]
s3-torture: run_oplock2(): replace cli_read_old() with cli_read()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Fri, 22 Jul 2011 10:19:34 +0000 (12:19 +0200)]
s3-torture: run_fdsesstest(): replace cli_read_old() with cli_read()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Fri, 22 Jul 2011 10:12:42 +0000 (12:12 +0200)]
s3-torture: run_fdpasstest(): replace cli_read_old() with cli_read()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Sat, 23 Jul 2011 07:16:27 +0000 (09:16 +0200)]
s3-torture: run_locktest7(): replace cli_read_old() with cli_read()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Sat, 23 Jul 2011 07:10:09 +0000 (09:10 +0200)]
s3-torture: run_locktest7(): goto fail on read error
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Jeremy Allison [Fri, 22 Jul 2011 23:40:54 +0000 (16:40 -0700)]
Fix bug 8314] - smbd crash with unknown user.
All other auth modules code with being called with
auth_method->private_data being NULL, make the auth_server
module cope with this too.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Jul 23 02:55:01 CEST 2011 on sn-devel-104
Stefan Metzmacher [Fri, 22 Jul 2011 14:53:51 +0000 (16:53 +0200)]
s3:libsmb: move cli_state->desthost to cli_state->conn.remote_name
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Jul 22 18:17:41 CEST 2011 on sn-devel-104
Stefan Metzmacher [Fri, 22 Jul 2011 14:52:55 +0000 (16:52 +0200)]
s3:winbindd_cm: use controller instead of cli->desthost
The should have the same value.
metze
Stefan Metzmacher [Fri, 22 Jul 2011 14:52:11 +0000 (16:52 +0200)]
s3:net_util: use server_name instead of cli->desthost
They should be the same.
metze
Stefan Metzmacher [Fri, 22 Jul 2011 14:51:19 +0000 (16:51 +0200)]
s3:net_rpc_registry: use pipe_hnd->desthost instead of cli->desthost
metze
Stefan Metzmacher [Fri, 22 Jul 2011 14:50:43 +0000 (16:50 +0200)]
s3:net_rpc_printer: make use of cli_state_remote_name()
metze
Stefan Metzmacher [Fri, 22 Jul 2011 14:49:28 +0000 (16:49 +0200)]
s3:net_rpc_join: make use of cli_state_remote_name()
metze
Stefan Metzmacher [Fri, 22 Jul 2011 14:48:38 +0000 (16:48 +0200)]
s3:net_rpc_join: use pipe_hnd->desthost instead of cli->desthost
metze
Stefan Metzmacher [Fri, 22 Jul 2011 14:48:02 +0000 (16:48 +0200)]
s3:net_rpc: make use of cli_state_remote_name()
metze
Stefan Metzmacher [Fri, 22 Jul 2011 14:47:35 +0000 (16:47 +0200)]
s3:net_rpc: use netr->desthost instead of cli->desthost
metze
Stefan Metzmacher [Fri, 22 Jul 2011 14:46:16 +0000 (16:46 +0200)]
s3:net_rap: make use of cli_state_remote_name()
metze
Stefan Metzmacher [Fri, 22 Jul 2011 14:45:51 +0000 (16:45 +0200)]
s3:rpcclient: make use of cli_state_remote_name()
metze
Stefan Metzmacher [Fri, 22 Jul 2011 14:45:12 +0000 (16:45 +0200)]
s3:rpcclient: use rpc_pipe->desthost instead of cli->desthost
metze
Stefan Metzmacher [Fri, 22 Jul 2011 14:44:28 +0000 (16:44 +0200)]
s3:cli_pipe_schannel: make use of cli_state_remote_name()
metze
Stefan Metzmacher [Fri, 22 Jul 2011 14:44:02 +0000 (16:44 +0200)]
s3:cli_pipe: make use of cli_state_remote_name()
metze
Stefan Metzmacher [Fri, 22 Jul 2011 14:43:27 +0000 (16:43 +0200)]
s3:cli_pipe: use result->desthost instead of cli->desthost
metze
Stefan Metzmacher [Fri, 22 Jul 2011 14:34:29 +0000 (16:34 +0200)]
s3:libsmb_server: make use of cli_state_remote_name()
metze
Stefan Metzmacher [Fri, 22 Jul 2011 14:33:51 +0000 (16:33 +0200)]
s3:libsmb/libsmb_dir: make use of cli_state_remote_name()
metze
Stefan Metzmacher [Fri, 22 Jul 2011 14:33:16 +0000 (16:33 +0200)]
s3:libsmb/clirap2: make use of cli_state_remote_name()
metze
Stefan Metzmacher [Fri, 22 Jul 2011 14:31:51 +0000 (16:31 +0200)]
s3:libsmb/clifsinfo: make use of cli_state_remote_name()
metze
Stefan Metzmacher [Fri, 22 Jul 2011 14:31:18 +0000 (16:31 +0200)]
s3:libsmb/clidfs: make use of cli_state_remote_name()
metze
Stefan Metzmacher [Fri, 22 Jul 2011 14:29:58 +0000 (16:29 +0200)]
s3:libsmb/cliconnect: make use of cli_state_remote_name()
metze
Stefan Metzmacher [Fri, 22 Jul 2011 14:28:27 +0000 (16:28 +0200)]
s3:libnet_join: make use of cli_state_remote_name()
Stefan Metzmacher [Fri, 22 Jul 2011 14:19:00 +0000 (16:19 +0200)]
s3:lib/netapi: make use of cli_state_remote_name()
metze
Stefan Metzmacher [Fri, 22 Jul 2011 14:16:20 +0000 (16:16 +0200)]
s3:client: make use of cli_state_remote_name()
metze
Stefan Metzmacher [Fri, 22 Jul 2011 14:15:56 +0000 (16:15 +0200)]
s3:auth_server: make use of cli_state_remote_name()
metze
Stefan Metzmacher [Fri, 22 Jul 2011 14:10:51 +0000 (16:10 +0200)]
s3:auth_domain: we already have the dc_name, it's the same as cli->desthost
metze
Stefan Metzmacher [Fri, 22 Jul 2011 14:09:54 +0000 (16:09 +0200)]
s3:libsmb: add cli_state_remote_name()
metze
Stefan Metzmacher [Fri, 22 Jul 2011 14:05:54 +0000 (16:05 +0200)]
s3:libsmb: remove const from cli_cm_display()
metze
Björn Baumbach [Fri, 22 Jul 2011 09:18:30 +0000 (11:18 +0200)]
s3-torture: run_locktest4(): replace cli_read_old() with cli_read()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Björn Baumbach [Fri, 22 Jul 2011 08:48:35 +0000 (10:48 +0200)]
s3-torture: introduce test_cli_read()
test_cli_read calls cli_read and returns success or failure
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Fri, 22 Jul 2011 11:43:02 +0000 (13:43 +0200)]
s3:libsmb: move cli_state->{src_ss,dest_ss} to cli_state->conn.{local_ss,remote_ss}
metze
Stefan Metzmacher [Fri, 22 Jul 2011 11:42:38 +0000 (13:42 +0200)]
s3:net_rpc_printer: make use of cli_state_remote_sockaddr()
metze
Stefan Metzmacher [Fri, 22 Jul 2011 11:42:20 +0000 (13:42 +0200)]
s3:net_rpc: make use of cli_state_remote_sockaddr()
metze
Stefan Metzmacher [Fri, 22 Jul 2011 11:44:36 +0000 (13:44 +0200)]
s3:net_rpc_join: make use of cli_state_remote_sockaddr()
metze
Stefan Metzmacher [Fri, 22 Jul 2011 11:41:09 +0000 (13:41 +0200)]
s3:net_rpc_join: pass const sockaddr_storage to net_rpc_join_ok()
metze
Stefan Metzmacher [Fri, 22 Jul 2011 11:40:19 +0000 (13:40 +0200)]
s3:net_util: pass const sockaddr_storage to net_make_ipc_connection_ex()
metze
Stefan Metzmacher [Fri, 22 Jul 2011 11:05:43 +0000 (13:05 +0200)]
s3:net_util: add some const to sockaddr_storage
metze
Stefan Metzmacher [Fri, 22 Jul 2011 11:04:32 +0000 (13:04 +0200)]
s3:auth_domain: add some const to sockaddr_storage
metze
Stefan Metzmacher [Fri, 22 Jul 2011 11:03:19 +0000 (13:03 +0200)]
s3:libsmb: only pass const sockaddr_storage to cli_full_connection()
No direct or indirect caller needs this to be set.
metze
Stefan Metzmacher [Fri, 22 Jul 2011 10:31:05 +0000 (12:31 +0200)]
s3:smbcquotas: pass down NULL instead of a zero sockaddr_storage
metze