summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Execute /usr/bin/python directly instead of /usr/bin/env pythonRob Crittenden2011-01-1412-12/+12
| | | | ticket 608
* Fix API validationSimo Sorce2011-01-141-1/+1
|
* Potential memory leaks in ipa-kpasswdMartin Kosek2011-01-141-0/+6
| | | | | | | | This patch fixes 2 situations where a pointer to allocated error string could be overwritten - which could have resulted in a memory leak. https://fedorahosted.org/freeipa/ticket/716
* Add API version and have server reject incompatible clients.Rob Crittenden2011-01-1415-15/+3118
| | | | | | | | | | | | | | | | | | | | | | | | This patch contains 2 parts. The first part is a small utility to create and validate the current API. To do this it needs to load ipalib which on a fresh system introduces a few problems, namely that it relies on a python plugin to set the default encoding to utf8. For our purposes we can skip that. It is also important that any optional plugins be loadable so the API can be examined. The second part is a version exchange between the client and server. The version has a major and a minor version. The major verion is updated whenever existing API changes. The minor version is updated when new API is added. A request will be rejected if either the major versions don't match or if the client major version is higher than then server major version (though by implication new API would return a command not found if allowed to proceed). To determine the API version of the server from a client use the ping command. ticket 584
* Unchecked return values in SLAPI pluginsMartin Kosek2011-01-144-8/+20
| | | | | | | Return values weren't checked in several cases which could have lead to unhandled errors. https://fedorahosted.org/freeipa/ticket/722
* Unitialized pointer read in ipa-joinMartin Kosek2011-01-141-2/+2
| | | | | | | This patch fixes a possible situation when krb5_kt_close() function is called with uninitialized keytab parameter. https://fedorahosted.org/freeipa/ticket/712
* Potential memory leaks in ipa-pwd-extopMartin Kosek2011-01-142-3/+21
| | | | | | | | | | This patch fixes several potential memory leaks in ipa-pwd-extop SLAPI plugin. Common function ipapwd_gen_hashes() now cleans after itself when it fails. Other changes are local and self-explanatory. https://fedorahosted.org/freeipa/ticket/715
* Potential memory leaks in ipa-getkeytabMartin Kosek2011-01-141-0/+2
| | | | | | | | This patch fixes 2 situations where a pointer to allocated error string could be overwritten - which could have resulted in a memory leak. https://fedorahosted.org/freeipa/ticket/714
* Remove dependency on nss_ldap/nss-pam-ldapdSimo Sorce2011-01-141-5/+4
| | | | | | We use sssd in ipa v2 Fixes: https://fedorahosted.org/freeipa/ticket/757
* Remove radius options completely.Simo Sorce2011-01-1432-3223/+7
| | | | | | | This has been completely abandoned since ipa v1 and is not built by default. Instead of carrying dead weight, let's remove it for now. Fixes: https://fedorahosted.org/freeipa/ticket/761
* Move mep templates under cn=etcSimo Sorce2011-01-144-7/+8
| | | | Fixes: https://fedorahosted.org/freeipa/ticket/760
* Move Virtual Operations container under cn=etcSimo Sorce2011-01-146-30/+30
| | | | Fixes: https://fedorahosted.org/freeipa/ticket/759
* Allow using Kerberos credentials with the 'connect' commandSimo Sorce2011-01-142-2/+2
| | | | | | | | Now that we can setup GSSAPI authenticated replication we are not tied to use the Directory Manager password to set up replication agreements. Fixes: https://fedorahosted.org/freeipa/ticket/644
* Use GSSAPI for replicationSimo Sorce2011-01-144-16/+145
| | | | | | | Uses a temporary simple replication agreement over SSL to init the tree. Then once all principals have been created switches replication to GSSAPI. Fixes: https://fedorahosted.org/freeipa/ticket/690
* Remove port argument for ipa-replica-manageSimo Sorce2011-01-142-6/+0
| | | | | We can't use arbitrary ports anyway. And neither AD has any way to use non stadard ports. So remove this unnecessary option.
* Remove unused random password in replica install scriptSimo Sorce2011-01-141-2/+0
|
* Refactor some replication codeSimo Sorce2011-01-143-158/+140
| | | | | This simplifies or rationalizes some code in order to make it easier to change it to fix bug #690
* hide unselectable optionsAdam Young2011-01-142-7/+2
| | | | | If an option is not selectable from the action panel, hide it until it is selectable addresses https://fedorahosted.org/freeipa/ticket/747
* null pkeyAdam Young2011-01-141-10/+8
| | | | | | | If the pkey is null, send an empty array. If the pkey is not null, send and array of length 1 with the pkey in it. Addresses: https://fedorahosted.org/freeipa/ticket/767
* spinning wheel display a spinning icon gif during network traffic. Fixes the ↵Adam Young2011-01-1411-9/+72
| | | | following from first patch: 1 primary key set in span as opposed to appended, so it only appears once. 2. call hide for the network activity icon only in success or failure functions, not multiple times
* Fixed typo in ipa help serviceGowrishankar Rajaiyan2011-01-141-1/+1
|
* Set minimum version of dogtag to 9Rob Crittenden2011-01-141-2/+5
| | | | ticket 763
* python-ldap fails gloriously if the search time limit is 0. Don't allow it.Rob Crittenden2011-01-142-1/+9
| | | | | | | | | Don't allow the time limit to be set in the API. Also add a failsafe in the ldap driver because such bad things happen if this value is 0. I think it literally spends 0 time on the request and just returns immediately. ticket 752
* scoping functionsAdam Young2011-01-1430-681/+662
| | | | | | converting function of the form ipa_<name> to IPA.<name> to remove them from the global namespace. https://fedorahosted.org/freeipa/ticket/212
* Support for str in StrEnum.Endi S. Dewata2011-01-131-0/+18
| | | | | The StrEnum class has been modified to accept str value and convert it into unicode. This is to fix encoding issue on F14.
* Increased icon size for certificate and Kerberos key status.Endi S. Dewata2011-01-134-47/+46
| | | | | The <li> tag used for status icon has been replaced with <div> tag shaped like a circle. The size can be adjusted using CSS.
* metadata updateAdam Young2011-01-131-10/+63
| | | | Static viewing was broken due to recent hbac changes.
* Removed debugging message.Endi S. Dewata2011-01-131-1/+1
|
* Fixed incorrect loop variable.Endi S. Dewata2011-01-131-1/+1
|
* Host details adjustments.Endi S. Dewata2011-01-137-189/+188
| | | | | | | | | | | | | | The labels for the following fields in Host details page have been changed: - fqdn: Fully Qualified Host Name - serverhostname: Host Name The ipa_details_field_create_input() and _ipa_create_text_input() has been converted into methods in ipa_details_field class. The code has been modified to display read-only fields as labels instead of disabled text fields. The attributelevelrights in host test data files have been updated.
* javascript lint cleanupAdam Young2011-01-1219-193/+177
|
* Drop dependency on mozldapRob Crittenden2011-01-122-9/+4
|
* Use correct option name in host pluginJakub Hrozek2011-01-121-9/+9
|
* Fixes for the DNS pluginJakub Hrozek2011-01-121-3/+9
| | | | https://fedorahosted.org/freeipa/ticket/730
* Restrict anonymous tgtsSimo Sorce2011-01-121-0/+1
| | | | Fixes: https://fedorahosted.org/freeipa/ticket/432
* Potential NULL dereference in ipapwd_prepostMartin Kosek2011-01-121-2/+2
| | | | | | | This patch increases robustness in PRE MOD password SLAPI module by ensuring that an uninitialized pointer is not dereferenced. https://fedorahosted.org/freeipa/ticket/719
* Unchecked return value of callocMartin Kosek2011-01-121-0/+7
| | | | | | | | Omiting return value of calloc in ipa_pwd_extop.c could lead to memory access issues when memory is full. This patch adds return value check. https://fedorahosted.org/freeipa/ticket/717
* Bugfix for sudo compat cmdcat and deny commands ↵Jr Aquino2011-01-121-2/+2
| | | | https://fedorahosted.org/freeipa/ticket/742
* Uninitialized pointer read in ipa-enrollmentMartin Kosek2011-01-121-1/+1
| | | | | | | This patch fixes a situation where an uninitialized pointer is passed to free(). https://fedorahosted.org/freeipa/ticket/713
* fix sudorule runas user/groups https://fedorahosted.org/freeipa/ticket/570Jr Aquino2011-01-123-1/+167
|
* Unchecked return values in ipa-joinMartin Kosek2011-01-122-10/+62
| | | | | | | | | | | krb5_get_default_realm() and asprintf() return values were ignored. This could lead to unhandled error issues or memory access issues. This patch adds return value checks to all such functions. As a consequence, one new return value has been added to man page. https://fedorahosted.org/freeipa/ticket/720
* Unchecked return value in ipa-getkeytabMartin Kosek2011-01-121-3/+15
| | | | | | | | | | | | krb5_init_context return value was not checked. This could lead to unhandled error issues. This patch moves the Kerberos context initialization to the branch where it is needed and handles the error value in a way that allows program exit in a standard way deallocating all resources. https://fedorahosted.org/freeipa/ticket/721
* Uninitialized pointer read in ipa-rmkeytabMartin Kosek2011-01-121-5/+14
| | | | | | | Fix "--realm" parameter processing in ipa-rmkeytab. Also make sure that memory allocated in this process is also freed. https://fedorahosted.org/freeipa/ticket/711
* Use of pointer after free in ipa-joinMartin Kosek2011-01-121-4/+10
| | | | | | | | In some cases recently freed memory was used/freed again. This patch introduces more consistency between functions join_ldap/join_krb5 when dealing with affected variables. https://fedorahosted.org/freeipa/ticket/709
* enroll buttonAdam Young2011-01-111-1/+1
| | | | This was removed in several places where it should still be visible
* Added group association table for SUDO command.Endi S. Dewata2011-01-116-0/+328
| | | | | | A section has been added to the SUDO command details page for managing the association with SUDO command groups. New test data has been added as well.
* Renamed hbac to hbacrule.Endi S. Dewata2011-01-1127-33/+33
| | | | | | All references to hbac in the UI have been replaced with hbacrule. This is to match the hbacrule plugin. The test data and templates have been renamed as well.
* Support for enabling/disabling table widget.Endi S. Dewata2011-01-115-7/+159
| | | | | | | | The table widget now can be enabled/disabled. When disabled, the checkboxes and links/buttons are grayed out and non functional. The radio buttons in HBAC and SUDO details page have been modified to enable/disable the corresponding tables.
* Fixed SUDO command category.Endi S. Dewata2011-01-111-140/+27
| | | | | | | The radio buttons under the Run Commands section in the SUDO details page have been changed from allow/deny/specified into all/specified, and moved under the Allow commands subsection, matching the correct usage of the cmdcategory attribute.
* Fix output of failed managedby hosts, allow a host to manage itself.Rob Crittenden2011-01-114-6/+18
| | | | | | | | | | | The output problem was a missing label for failed managedby. This also fixes a call to print_entry that was missing the flags argument. Add a flag to specify whether a group can be a member of itself, defaulting to False. ticket 708
generated by cgit (git 2.34.1) at 2024-11-13 00:43:41 +0000