IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
In cli_echo with more than one response we ended up with more than one read_smb
request. One from the call to cli_smb_req_set_pending called from
cli_smb_received. The other one from cli_smb_received itself. I don't really
see another way to deal with this than to hold the read_smb request in the
cli_state.
Metze, please check!
Volker
In CGI mode, we don't get access to the user's password, which would
reduce the hash used so far to parameters an attacker can easily guess.
To work around this, read the nonce from secrets.tdb or generate one if
it's not there.
Also populate the C_user field so we can use that for token creation.
Signed-off-by: Kai Blin <kai@samba.org>
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Tue Jul 26 23:33:24 CEST 2011 on sn-devel-104
Nobuhiro Tsuji of NTT DATA SECURITY CORPORATION reported a possible XSS attack
against SWAT, the Samba Web Administration Tool. The attack uses reflection to
insert arbitrary content into the "change password" page.
This patch fixes the reflection issue by not printing user-specified content on
the website anymore.
Signed-off-by: Kai Blin <kai@samba.org>
This prevents errors about it by 'make SYMBOLCHECK=1' if there is a
system ldb present.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Tue Jul 26 18:21:48 CEST 2011 on sn-devel-104
when there is no share SD set, the default share SD that
is used e.g. for the output of sharesec -v defaults to a
value that is not equivalent to the desired FULL access.
This is a more or less a cosmetical follow-up for the patches
in Bug #8201 that makes them more consumeable by printing
FULL (that is what the user expects) instead of a bitmask
in hexadecimal form.
previous output:
REVISION:1
OWNER:(NULL SID)
GROUP:(NULL SID)
ACL:S-1-1-0:ALLOWED/0/0x101f01ff
with patch:
REVISION:1
OWNER:(NULL SID)
GROUP:(NULL SID)
ACL:S-1-1-0:ALLOWED/0/FULL
Autobuild-User: Christian Ambach <ambi@samba.org>
Autobuild-Date: Tue Jul 26 15:57:55 CEST 2011 on sn-devel-104
Winbind can't really cope with trusts that don't have a SID associated. This
happens with external MIT trusts for example. This filters them out when
sending the trust list from child to parent.
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Tue Jul 26 11:39:53 CEST 2011 on sn-devel-104
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Sun Jul 24 19:01:47 CEST 2011 on sn-devel-104
All other auth modules code with being called with
auth_method->private_data being NULL, make the auth_server
module cope with this too.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Jul 23 02:55:01 CEST 2011 on sn-devel-104
