summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* Use MSG_NOSIGNAL when sending a request to portmapNalin Dahyabhai2013-10-011-1/+1
|
* Up the log severity on portmap errorsNalin Dahyabhai2013-10-011-9/+9
| | | | | | Log errors encountered while talking to portmap/rpcbind at level SLAPI_LOG_FATAL rather than at the previous SLAPI_LOG_PLUGIN, so that they show up even when we're not actively debugging.
* update for 0.49, too lateNalin Dahyabhai2013-09-191-0/+4
|
* tag 0.49Nalin Dahyabhai2013-09-192-2/+7
|
* Add ignore-subtree and restrict-subtree settingsNalin Dahyabhai2013-09-1950-96/+1056
| | | | | | | | | | | | | | Add {nis,schema-compat}-ignore-subtree (subtrees under which we ignore contents and updates )and {nis,schema-compat}-restrict-subtree (subtrees out of which we ignore contents and updates, if set) settings, and default the former to "cn=tasks,cn=config". This should avoid cases where we're looking through the ldbm backend for entries which have a dangling reference to a newly-added task (which, because it's in the DSE, means we acquire an ldbm lock after acquiring our internal lock) while also updating a compat entry after its source entry is modified (for example, by the memberOf plugin, which results in us attempting to acquire our lock while the ldbm lock is already held).
* Add a missing word in a commentNalin Dahyabhai2013-09-121-1/+1
|
* Add nis-relevant-subtree and nis-ignore-subtreeNalin Dahyabhai2013-09-122-7/+21
|
* Add schema-compat-relevant-subtreeNalin Dahyabhai2013-09-125-5/+47
| | | | | | | | | | Add a schema-compat-relevant-subtree configuration option, listing the only parts of the DIT that we should ever look at, either as source entries or as other entries which contain data which might be pulled in as part of computing the contents of compat entries. This is more or less the whitelist to schema-compat-ignore-subtree's blacklist.
* Add schema-compat-ignore-subtreeNalin Dahyabhai2013-09-126-1/+118
| | | | | | | Add a schema-compat-ignore-subtree configuration option, listing parts of the DIT that we should never look at, neither as source entries nor as random other entries which contain data which might be pulled in as part of computing the contents of compat entries.
* Force LC_ALL to "C", just in caseNalin Dahyabhai2013-09-061-0/+1
|
* Remove a pair of unused variablesNalin Dahyabhai2013-08-281-2/+0
|
* Warn if we fail to set SO_LINGER for TCP clientsNalin Dahyabhai2013-08-271-1/+7
|
* Warn if non-blocking-ifying a client socket failsNalin Dahyabhai2013-08-271-1/+7
|
* Error out if the listener can't be non-blockingNalin Dahyabhai2013-08-271-2/+9
|
* Omit an unnecessary switch caseNalin Dahyabhai2013-08-271-2/+0
|
* Don't make an unnecessary checkNalin Dahyabhai2013-08-271-1/+1
|
* Skip values that are going to come up emptyNalin Dahyabhai2013-08-271-0/+3
|
* Handle fopen() failuresNalin Dahyabhai2013-08-271-1/+1
|
* Sanity check the request size correctlyNalin Dahyabhai2013-08-271-3/+4
| | | | | Use the amount of data that we could have read as the upper bound on reasonable-looking request lengths.
* Make sure that length is always initializedNalin Dahyabhai2013-08-271-0/+1
|
* Fix a missing xdr_free()Nalin Dahyabhai2013-08-271-1/+1
|
* Directly return lists when making single queriesNalin Dahyabhai2013-08-271-35/+42
|
* Don't leak "buf" if its contents are unusedNalin Dahyabhai2013-08-271-0/+2
|
* Break out passwd-to-slapi_entry conversionNalin Dahyabhai2013-08-271-55/+70
| | | | | | Break out a backend_make_user_entry_from_nsswitch_passwd function for converting a passwd structure to an entry, and rename the helper for groups to match it.
* Free staged data correctly when locking failsNalin Dahyabhai2013-08-271-0/+2
|
* Don't leak ret if fopen() fails (static analysis)Nalin Dahyabhai2013-08-271-0/+1
|
* Don't use pamh before or after it's validNalin Dahyabhai2013-08-271-9/+23
| | | | | Don't use the PAM handle before it's initialized or after it's freed (static analysis).
* Log successful authentication at PLUGIN, not FATALNalin Dahyabhai2013-08-121-1/+1
| | | | | | The server's mainline code doesn't appear to log successful authentication beyond what already shows up in the access log, so we should probably behave ourselves.
* tag 0.48Nalin Dahyabhai2013-08-123-2/+11
|
* Add nsswitch and PAM testsNalin Dahyabhai2013-08-126-0/+577
|
* Finish PAM->LDAP mapping logging codeNalin Dahyabhai2013-08-121-15/+40
|
* Add support logic for wrappers.soNalin Dahyabhai2013-08-122-4/+30
| | | | | If a test includes "plugin-need-wrappers.txt", LD_PRELOAD wrappers.so if we built it, and set any variables which are listed in the text file.
* Add a function for attempting a simple-bind searchNalin Dahyabhai2013-08-121-1/+4
|
* Handle binds to compat entries without "uid"sNalin Dahyabhai2013-08-121-11/+35
| | | | | | | Use a dummy user name if the one we get passed is NULL, which happens when the bind target entry doesn't contain a "uid" attribute. Try to avoid a timing attack by calling into PAM anyway. Switch to just logging the detailed error information, and telling the client nothing.
* Always use normalized RDNs as map keysNalin Dahyabhai2013-08-121-2/+3
| | | | | | Always use normalized RDNs as map keys, so that we can be sure that a lookup using part of the DN will find the entry, even if it needed to be escaped and/or normalized to something else at some point.
* Shoehorn in some nsswitch wrappersNalin Dahyabhai2013-08-123-0/+584
|
* Only add extensibleObject if we have an SIDNalin Dahyabhai2013-08-121-1/+1
| | | | | | Make the addition of extensibleObject to the list of objectclasses conditional on there being a ipaNTSecurityIdentifier value in the source entry.
* Properly escape DNs of nsswitch-based entriesNalin Dahyabhai2013-08-121-15/+59
|
* Suppress some compiler warningsNalin Dahyabhai2013-08-121-0/+1
|
* Remove some unused variablesNalin Dahyabhai2013-08-122-6/+1
|
* Handle locking failuresNalin Dahyabhai2013-08-121-37/+64
| | | | Handle cases where we fail to acquire locks.
* Make notes of our staged nsswitch lookupsNalin Dahyabhai2013-08-121-0/+23
|
* Switch to tracking entry sources explicitlyNalin Dahyabhai2013-08-122-13/+2
| | | | | | Don't depend on a text attribute in a synthetic entry to tell us where it came from; just record it in the entry's backend_data and consult it directly later.
* Ensure that the grouplist entry array is initedNalin Dahyabhai2013-08-121-1/+1
| | | | | | When allocating the array for returning a list of group entries, use calloc() to ensure that the array is zero-filled, in case resizing it fails for some reason.
* Don't log "with closest match (null)"Nalin Dahyabhai2013-08-121-15/+14
| | | | | If we're sending a result, don't log that we're sending a closest match, even if it's "(null)", if we're not sending a closest match.
* Formatting, implicit NULL checksNalin Dahyabhai2013-08-121-4/+4
|
* Fix a type safety errorNalin Dahyabhai2013-08-121-1/+1
|
* Explicitly track the sources of cached entriesNalin Dahyabhai2013-08-122-7/+20
|
* Renames and fix a memory leakNalin Dahyabhai2013-08-123-55/+56
| | | | | | | | Rename backend_staged_data to backend_staged_search. Fix some formatting. Change how we walk the list of entries retrieved using a staged search so that if the map's been removed since the search was staged, we still free the temporary entry structures.
* Comment cleanupNalin Dahyabhai2013-08-121-7/+8
|
generated by cgit (git 2.34.1) at 2025-08-28 19:30:01 +0000