summaryrefslogtreecommitdiffstats
path: root/ipa-server/ipa-kpasswd
Commit message (Collapse)AuthorAgeFilesLines
* Fix usage of mozldap libraries,Simo Sorce2008-08-131-1/+1
| | | | thanks to W. Michael Petullo <mike@flyn.org> for finding the problem.
* In openvz we found out some interfaces may return a null pointer here.Simo Sorce2008-07-151-0/+4
| | | | | Skip them if no address is provided or we later get a segfault because we dereference a null pointer.
* fix typoSimo Sorce2008-07-151-1/+1
|
* Make sure we have the right prototypes when using openldap libsSimo Sorce2008-07-091-0/+1
|
* Fix some small issues that caused compiler warnings, like uninitialized or ↵Martin Nagy2008-06-301-2/+4
| | | | unused variables or missing krb5 prototypes.
* Fix typo in inet typeSimo Sorce2008-06-111-1/+1
|
* Make ipa_kpasswd listen on each single interface explicitlySimo Sorce2008-05-291-66/+173
| | | | | instead of 0.0.0.0, this allows us to reply to a UDP request by using the right source address to build the kerberos reply.
* Fix crash bug in ipa_kpasswdSimo Sorce2008-05-291-2/+3
|
* Fix testing for asprintf errors, we need to test the return value asSimo Sorce2008-05-221-50/+41
| | | | | | | per standard the buffer status is undefined. While there also introduce a new spearate variable to return the final error and keep using ret for local error checks. This avoid potentially overwriting the correct return value when checking for asprintf ...
* detect failure to write ipa_kpasswd.pid fileJim Meyering2008-05-151-7/+12
| | | | | * ipa_kpasswd.c (main): Detect not just open failure, but also any write failure.
* remove useless if-before-free testsJim Meyering2008-05-151-4/+4
| | | | | | | | | | | | I've been on a crusade (;-) to remove useless if-before-free tests, so ran a script that spotted some here. I think I removed the first batch (without braces) automatically, then manually removed the ones with curly braces around the free statements. You may well have doubts about the portability of removing those tests, but as long as you don't care about SunOS4 or earlier, you'll be fine. I've done similar things for e.g., coreutils, glibc, and git, and have had no problems.
* This patch begins the process of replacing OpenLDAP with mozldap.W. Michael Petullo2008-05-011-14/+16
| | | | | | | | | FreeIPA relies on RedHat's Directory Server, which uses mozldap. A FreeIPA build using mozldap would reduce the project's dependencies and redundant code. In addition, mozldap uses NSS instead of OpenSSL. This is beneficial for the reasons listed in [1]. [1] http://fedoraproject.org/wiki/FedoraCryptoConsolidation
* Move ipa_kpasswd credential cache in its own directorySimo Sorce2008-04-012-1/+9
|
* Set the license uniformly to GPLv2 only.Rob Crittenden2008-02-041-1/+19
|
* Create /var/run/<process>.pid to play nicers with the start scriptsRob Crittenden2008-02-061-3/+13
| | | | Need to start ipa_webgui as root and drop privs in order to write in /var/run
* Fix issues reported by rpmlint.Rob Crittenden2008-01-182-10/+17
| | | | | | | | | | | | | | - Removing shebangs (#!) from a bunch of python libraries - Don't use a variable name in init scripts for the lock file - Keep the init script name consistent with the binary name, so renamed ipa-kpasswd.init to ipa_kpasswd.init - Add status option to the init scripts - Move most python scripts out of /usr/share/ipa and into the python site-packages directories (ipaserver and ipaclient) - Remove unnecessary sys.path.append("/usr/share/ipa") - Fix the license string in the spec files - Rename ipa-webgui to ipa_webgui everywhere - Fix a couple of issues reported by pychecker in ipa-python
* Minor fixSimo Sorce2007-12-111-1/+1
|
* Fix kdec.length or we may try to double free() or free() uninitiualized data.Simo Sorce2007-12-071-0/+4
|
* Fix subtle errors in kpasswdSimo Sorce2007-11-201-25/+73
|
* - Report correct information back to users when policies prevent a successfulSimo Sorce2007-11-161-43/+202
| | | | | | | password change. - Fix some minor error Initial code to read the Kerberos Master Key from the Directory
* Initial implementation of policies support.Simo Sorce2007-11-131-1/+5
| | | | | | | | | | | | | | | | | | | This patch uses the kerberos schema policy, this is the same policy used by kadmin. While this patch allows for krbPwdPolicy objects anywhere the kldap module will make the kdc fail to provide tickets if the "krbPwdPolicyReference" points to any object that is not a child of cn=<REALM>,cn=kerberos,dc=.... To let us set policies anywhere in the tree I enabled the code to actually look at parent entries and the user entry itself and specify policies directly on these objects by adding the krbPwdPolicy objectclass to them (I know its structural but DS seem to allow multiple Structural classes on the same entry). The only side effect is that kadmin will not understand this, but we don't want to use kadmin anyway as it does not understand way too many things about the directory. I've tested a few scenarios and all seem working as expected, but further testing is welcome of course.
* Additional build fixes from autoconf merge.Karl MacMillan2007-10-181-1/+1
|
* Autotool ipa-server - patch from William Jon McCann <mccann@jhu.edu>.Karl MacMillan2007-10-172-23/+50
|
* Better handling of IPv4/IPv6 sockets in ipa-kpasswdSimo Sorce2007-10-121-132/+82
| | | | Tested with UDP and works
* Karl MacMillan wrote:Karl MacMillan2007-10-091-6/+4
| | | | | | | | | | | | | > > This largish patch makes the build and installation work on 64bit > > machines. The only catch here is that to get a 64bit build you need to > > set LIBDIR on make: > > > > make install LIBDIR=/usr/lib64 > > > > The spec file does this correctly. I couldn't find any reliable way to > > guess this that works both on real systems and in the almost entirely > > empty rpm build root (you can't, for example, check for the existence > > of /usr/lib64).
* IPv6ify, untestedSimo Sorce2007-09-281-20/+55
|
* In the TCP case there is an extra (redundant) lenghtSimo Sorce2007-09-121-1/+9
| | | | field before the packet data, address the problem.
* Remove dependncy on libmhash and use openssl md4 functionsSimo Sorce2007-08-201-1/+1
| | | | | | | Remove all dependencies on mhash Remove code optimizatrion from Makefiles, right now these are developers targeted builds, so it is better to have debugging symbols around
* Complete proper daemonization by closing std* descriptors.Simo Sorce2007-08-171-0/+4
| | | | This fixes install as well as /sbin/services does not hang anymore
* Add forgotten ipa-kpasswd.initSimo Sorce2007-08-171-0/+76
|
* Improve ipa-kpasswd so that it can be installed and startedSimo Sorce2007-08-151-75/+110
| | | | | Make it daemonize Make it use syslog (LOG_DAEMON facility)
* Activate the passwd extop plugin and ipa-kpasswd daemonSimo Sorce2007-08-152-2/+16
|
* Clean up code so that Wall returns 0 complaintsSimo Sorce2007-08-151-17/+17
|
* Updates to build kpaswd and the slapi plugins.Karl MacMillan2007-08-101-3/+20
|
* Fix location of the binarySimo Sorce2007-08-092-1/+2
| | | | Add a comment on the ldap code for the future
* Make the daemon init it's own tickets.Simo Sorce2007-08-081-46/+405
| | | | | Make it blacklist clients until the previous operation is not over. General bugfixing.
* move ipa-kpasswd to a new location to conform to the new tree layoutSimo Sorce2007-08-013-0/+636
generated by cgit (git 2.34.1) at 2024-11-12 23:57:38 +0000