| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
| |
This reverts commit 75a9f18ad8ac6e885ac34cdeebc4d8f8734713f8.
|
|
|
|
|
|
|
| |
Do not attempt to validate expired entries in cache, just delete them.
Also increase the cache timeouts.
Fixes: #331
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
Update translations
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
uint32_t pointers must point to 32 bit aligned data on ARM. Instead of padding the data to force it into alignment I altered the code to memcpy the data to an aligned location. I'd appreciate any and all feedback especially on whether I took the best approach.
pam_test_client auth and pam_test_client acct now work on my armeb-xscale-linux-gnueabi target.
Signed-off-by: George McCollister <georgem@opteron.novatech-llc.com>
|
|
|
|
|
|
|
| |
We weren't properly setting read/write flags on the tevent fd
events, so c-ares was unable to perform bidirectional
communication for TCP DNS (in situations where the response is too
large to send by UDP)
|
| |
|
|
|
|
|
|
|
| |
This target is available only if building from a git checkout.
It will automatically populate the PRERELEASE_VERSION in
version.m4 with the current datestamp and git commit id for
creating an RPM.
|
|
|
|
|
|
|
| |
This target is available only if building from a git checkout.
It will automatically populate the PRERELEASE_VERSION in
version.m4 with the current datestamp and git commit id for
creating an SRPM.
|
|
|
|
|
|
|
|
| |
This is the preferred way of setting the version in a file, as
autotools will properly monitor this file for changes and rerun
autoconf/configure when necessary to update the version. This
means that we don't need to manually perform an autoreconf in
order to build a new RPM
|
| |
|
|
|
|
|
|
|
|
| |
This fixes two issues:
1) Eliminates a double-free when a timeout occurs (we were freeing
the running event context)
2) Ensures that we don't continue to schedule unnecessary timeout
checks
|
|
|
|
|
|
| |
The manual pages for userdel and groupdel utilities incorrectly
stated that deleting a nonexistent user or group is a noop. We
changed that behavior, but forgot to sync the documentation.
|
| |
|
| |
|
|
|
|
|
| |
Some reformatting to stay within 79 char line length.
Better definition of server vs. machine usage in failover section.
|
|
|
|
|
|
| |
When the resolv context destructor is invoked, the callbacks for pending
queries could have been called with ARES_EDESTRUCTION and try to re-send
the query.
|
|
|
|
|
|
|
|
| |
Since ares_process_fd() might also cause fd_event() to be called again,
calling ares_process_fd() is unwise. The bug will cause a crash if
c-ares is using tcp connections.
Fixes: #384
|
|
|
|
|
|
|
|
| |
Since we only call c-ares to process input on FD when there is an
activity on them, c-ares never gets a chance to react to a timed-out
request. This caused SSSD to hang.
Fixes: #381
|
|
|
|
| |
We will allow 5s per DNS server, no retries.
|
| |
|
|
|
|
| |
Fixes: #378
|
|
|
|
| |
Update tests to reflect these removals.
|
| |
|
| |
|
|
|
|
| |
Fixes CVE-2010-0014
|
|
|
|
|
| |
This was missing from the SSSDConfig API, though it was supported
by the daemon.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The timeout handler was not a child of the request so it could fire even though
the request was already freed.
The code wouldn't use async writes to the children so it could incur in a short
write with no way to detect or recover from it.
Also fixed style of some helper functions to pass explicit paramters instead of
a general structure.
Add common code to do async writes to pipes.
Fixed async write issue for the krb5_child as well.
Fix also sdap_kinit_done(), a return statement was missing and we were mixing
SDAP_AUTH and errno return codes in state->result
Remove usless helper function that just replicates talloc_strndup()
|
|
|
|
|
| |
Do not handle a missing ccache file as inactive by default, check if
there are still active processes of the user.
|
| |
|
|
|
|
|
|
| |
If pam_sm_chauthtok is called with the flag PAM_PRELIM_CHECK set we
generate a separate call to the sssd to validate the old password before
asking for a new password and sending the change password request.
|
| |
|
|
|
|
| |
We support installed access providers as well as permit and deny
|
|
|
|
| |
This matches the DEBUG logging available for groups.
|
| |
|
| |
|
|
|
|
|
| |
The first fix only fixed tight loops caused by setting 'timeout=0'
in services. This patch also fixes it for domains.
|