slapi-nis.git - SLAPI-NIS

	Commit message (Collapse)	Author	Age	Files	Lines
*	Don't use pamh before or after it's valid	Nalin Dahyabhai	2013-08-27	1	-9/+23
\| \| \| \| \|	Don't use the PAM handle before it's initialized or after it's freed (static analysis).
*	Log successful authentication at PLUGIN, not FATAL	Nalin Dahyabhai	2013-08-12	1	-1/+1
\| \| \| \| \| \|	The server's mainline code doesn't appear to log successful authentication beyond what already shows up in the access log, so we should probably behave ourselves.
*	Finish PAM->LDAP mapping logging code	Nalin Dahyabhai	2013-08-12	1	-15/+40
\|
*	Handle binds to compat entries without "uid"s	Nalin Dahyabhai	2013-08-12	1	-11/+35
\| \| \| \| \| \| \|	Use a dummy user name if the one we get passed is NULL, which happens when the bind target entry doesn't contain a "uid" attribute. Try to avoid a timing attack by calling into PAM anyway. Switch to just logging the detailed error information, and telling the client nothing.
*	Consolidate PAM error checking/handling/reporting	Nalin Dahyabhai	2013-08-12	1	-144/+108
\| \| \| \| \| \| \|	Don't bother to fetch the full set of request controls, since we don't do anything with them. Merge what's left of backend_sch_do_pam_auth() and do_pam_auth(). Separate the concoct-an-error-message logic out into a helper that we call after both pam_authenticate() and pam_acct_mgmt().
*	Make --with-pam-service a build-time option	Nalin Dahyabhai	2013-08-07	1	-1/+2
\|
*	schema-compat: add support for authenticating users through PAM	Alexander Bokovoy	2013-08-07	1	-0/+290
	src/back-sch-pam.c implements PAM authentication for users not found in the LDAP tree using system-auth system service when running on FreeIPA master server.