summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* FO: Check server validity before setting statusJakub Hrozek2012-10-037-34/+63
| | | | | | | | | | | | | | | | | The list of resolved servers is allocated on the back end context and kept in the fo_service structure. However, a single request often resolves a server and keeps a pointer until the end of a request and only then gives feedback about the server based on the request result. This presents a big race condition in case the SRV resolution is used. When there are requests coming in in parallel, it is possible that an incoming request will invalidate a server until another request that holds a pointer to the original server is able to give a feedback. This patch simply checks if a server is in the list of servers maintained by a service before reading its status. https://fedorahosted.org/sssd/ticket/1364
* Add support for terminating idle connectionsShantanu Goel2012-10-012-2/+67
|
* Do not send SIGPIPE on disconnectionShantanu Goel2012-10-011-6/+21
| | | | | | | | Note we set MSG_NOSIGNAL to avoid having to fiddle with signal masks but also do not want to die in case SIGPIPE gets raised and the application does not handle it.
* Log message if close() fails in destructor.Shantanu Goel2012-10-011-1/+12
|
* Set return errno to the value prior to calling close().Shantanu Goel2012-10-011-2/+2
|
* Fixed wrong number in shadowLastChangesssd-1.8.0-32.1.el6_3Jan Zeleny2012-08-171-1/+2
| | | | | The attribute is supposed to contain number of days since the epoch, not the number of seconds.
* Send 16bit protocol numbers from the sss_clientJakub Hrozek2012-05-291-7/+9
| | | | | | | | https://fedorahosted.org/sssd/ticket/1348 NSS: Restore original protocol for getservbyport When fixing an endianness bug, we changed the protocol unnecessarily.
* Use sized_string correctly in FQDN domainssssd-1.8.0-30.el6Jakub Hrozek2012-05-241-2/+2
|
* LDAP nested groups: Do not process callback with _post deep in the nested ↵sssd-1.8.0-29.el6Jakub Hrozek2012-05-221-12/+10
| | | | | | structure https://fedorahosted.org/sssd/ticket/1343
* NSS: Expire in-memory netgroup cache before the nowait timeoutStephen Gallagher2012-05-161-1/+9
| | | | | | | | The fact that we were keeping it in memory for the full duration of the cache timeout meant that we would never reap the benefits of the midpoint cache refresh. https://fedorahosted.org/sssd/ticket/1340
* SYSDB: Handle user and group renames bettersssd-1.8.0-27.el6Jakub Hrozek2012-05-112-7/+182
| | | | | | | | | | | | Fixes a regression in the local domain tools where sss_groupadd no longer detected a GID duplicate. The check for EEXIST is moved one level up into more high level function. The patch also adds the same rename support for users. I found it odd that we allowed a rename of groups but not users. There is a catch when storing a user -- his cached password would be gone. I think that renaming a user is such a rare operation that it's not severe, plus there is a warning in the logs.
* Send the correct enumeration requestsssd-1.8.0-26.el6Jakub Hrozek2012-05-101-1/+1
| | | | https://fedorahosted.org/sssd/ticket/1329
* Special-case LDAP_SIZELIMIT_EXCEEDEDJakub Hrozek2012-05-101-4/+9
| | | | | | | | | | | | Previous version of the SSSD did not abort the async LDAP search operation on errors. In cases where the request ended in progress, such as when the paging was very strictly limited, the old versions at least returned partial data. This patch special-cases the LDAP_SIZELIMIT_EXCEEDED error to avoid a user-visible regression. https://fedorahosted.org/sssd/ticket/1322
* Read sysdb attribute name, not LDAP attribute map nameJakub Hrozek2012-05-101-2/+2
| | | | https://fedorahosted.org/sssd/ticket/1320
* Lowercase group members in case-insensitive domainsJakub Hrozek2012-04-301-1/+7
| | | | https://fedorahosted.org/sssd/ticket/1312
* AUTOFS: fix copy-and-paste bug in the autofs clientJakub Hrozek2012-04-201-1/+1
|
* sdap_check_aliases must not error when detects the same userJakub Hrozek2012-04-201-13/+31
| | | | https://fedorahosted.org/sssd/ticket/1307
* Get the RootDSE after binding if not successfull beforeJakub Hrozek2012-04-201-26/+104
| | | | https://fedorahosted.org/sssd/ticket/1258
* Add umask before mkstemp() call in SSH responderJan Zeleny2012-04-091-0/+3
|
* Only free returned values on successJakub Hrozek2012-04-091-3/+3
| | | | https://fedorahosted.org/sssd/ticket/1237
* Fixed uninitialized pointer in SSH authorized keys clientJan Zeleny2012-04-091-1/+1
|
* Fixed uninitialized pointer in SSH known host proxyJan Zeleny2012-04-091-1/+1
|
* Autofs: operate on contents of double-pointer, not addressJakub Hrozek2012-04-091-3/+3
| | | | https://fedorahosted.org/sssd/ticket/1234
* Catch cases where D-Bus connection is NULLJakub Hrozek2012-04-092-0/+24
| | | | https://fedorahosted.org/sssd/ticket/1270
* Fix regression in SSSDConfig.pyJakub Hrozek2012-04-091-1/+1
| | | | https://fedorahosted.org/sssd/ticket/1291
* Make the string_equal() function publicsssd-1.8.0-20.el6Jakub Hrozek2012-03-303-13/+14
|
* Return correct resolv_status on resolver timeoutJakub Hrozek2012-03-304-24/+95
| | | | https://fedorahosted.org/sssd/ticket/1274
* Save alias of the primary name, tooJakub Hrozek2012-03-302-11/+23
|
* Fix off-by-one error in principal selectionJakub Hrozek2012-03-301-3/+3
| | | | https://fedorahosted.org/sssd/ticket/1269
* Support lookup of services with case-insensitive protocolJakub Hrozek2012-03-304-58/+75
| | | | | | | | | | Add sss_get_cased_name_list utility function LDAP services: Save lowercased protocol names in case-insensitive domains https://fedorahosted.org/sssd/ticket/1260 Proxy services: Save lowercased protocol names and aliases in case-insensitive domains
* NSS: Look for services with correct case when cache is updatedJakub Hrozek2012-03-301-7/+7
| | | | https://fedorahosted.org/sssd/ticket/1259
* Start SSSD earlier and stop it laterStephen Gallagher2012-03-211-1/+1
| | | | | | | | SSSD needs to be started before NFS-related processes or they will mount with the username 'nobody' if they would have otherwise used LDAP accounts. https://fedorahosted.org/sssd/ticket/1273
* Fix uninitialized variablesssd-1.8.0-17.el6Jakub Hrozek2012-03-201-1/+1
|
* SSH: Fix infinite loop in sss_ssh_knownhostsproxyJan Cholasta2012-03-201-6/+9
| | | | https://fedorahosted.org/sssd/ticket/1268
* LDAP: Errors retrieving the RootDSE should not be fatalsssd-1.8.0-16.el6Stephen Gallagher2012-03-161-15/+8
| | | | | | | | If we can't reach the RootDSE, let's just proceed as if it's unavailable with reasonable defaults. If we fail later on, that's fine. Fixes https://fedorahosted.org/sssd/ticket/1257
* SYSDB: Save only lowercased aliases in case-insensitive domainsStephen Gallagher2012-03-161-19/+28
| | | | https://fedorahosted.org/sssd/ticket/1253
* SSH: Canonicalize host name and do reverse DNS lookupJan Cholasta2012-03-168-101/+101
| | | | | | | | | | | SSH: Allow clients to explicitly specify host alias This change removes the need to canonicalize host names on the responder side - the relevant code was removed. SSH: Canonicalize host name and do reverse DNS lookup in sss_ssh_knownhostsproxy https://fedorahosted.org/sssd/ticket/1245
* Save original name into the in-memory cacheJakub Hrozek2012-03-161-1/+1
|
* IPA: Initialize hbac_ctx to NULLsssd-1.8.0-15.el6Stephen Gallagher2012-03-121-1/+1
|
* Update translations for RHEL 6.3Stephen Gallagher2012-03-1246-465/+20979
| | | | | | | | Include new manpages in translations Updating translations for SSSD 1.8.1 Fix validation errors in translations
* Handle errors from lookup_netgr_step gracefullyJakub Hrozek2012-03-121-3/+10
|
* Fix netgroup error handlingsssd-1.8.0-12.el6Jakub Hrozek2012-03-091-20/+65
| | | | | | https://fedorahosted.org/sssd/ticket/1242 Handle empty elements in proxy netgroups:
* PROXY: Create fake user entries for group lookupsStephen Gallagher2012-03-091-3/+85
|
* Fix nested groups processingJakub Hrozek2012-03-091-27/+61
| | | | | | | Instead of keeping the number of parent groups in "state" and having to reset the count when moving to another group on the same level, keep track of the all groups on a particular level along with their parents and parent count.
* DP: Reorganize memory hierarchy of requestsStephen Gallagher2012-03-091-24/+108
| | | | | | | | | | | | | This function alters the memory hierarchy of the be_req to ensure memory safety during shutdown. It creates a spy on the be_cli object so that it will free the be_req if the client is freed. It is generally allocated atop the private data context for the appropriate back-end against which it is being filed. https://fedorahosted.org/sssd/ticket/1226
* Search netgroups by alias, tooJakub Hrozek2012-03-092-3/+5
| | | | https://fedorahosted.org/sssd/ticket/1228
* Hide --debug option in sss_debuglevelPavel Březina2012-03-091-1/+1
| | | | https://fedorahosted.org/sssd/ticket/1224
* IPA: Fix segfault with srchost functionality enabledStephen Gallagher2012-03-091-1/+1
| | | | https://fedorahosted.org/sssd/ticket/1215
* Only do one cycle when resolving a serverJakub Hrozek2012-03-097-59/+132
|
* IPA: Check nsAccountLock during PAM_ACCT_MGMTStephen Gallagher2012-03-097-13/+87
| | | | https://fedorahosted.org/sssd/ticket/1227
generated by cgit (git 2.34.1) at 2024-06-17 00:11:07 +0000