summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Release SSSD 1.2.2sssd-1_2_2Stephen Gallagher2010-08-0215-145/+157
|
* Clean up initgroups processing for RFC2307Stephen Gallagher2010-07-301-16/+196
| | | | | | | | Instead of recursively updating all users of each group the user being queried belongs to, just add or remove membership for the requested user. Fixes https://fedorahosted.org/sssd/ticket/478
* Add sysdb_update_members functionStephen Gallagher2010-07-303-0/+369
| | | | | | | | This function will take a user, a list of groups that this user should be added to and a list of groups the user should be removed from and will recursively call sysdb_[add|remove]_group_member Includes a unit test
* Add dup_string_list() utility functionStephen Gallagher2010-07-302-0/+37
|
* Add sysdb_group_dn_name utility functionStephen Gallagher2010-07-302-0/+24
|
* Add diff_string_lists utility functionStephen Gallagher2010-07-304-1/+449
| | | | Includes a unit test
* Add sysdb_attrs_to_list() utility functionStephen Gallagher2010-07-303-0/+112
|
* Allow sssd clients to reconnectSumit Bose2010-07-231-4/+3
| | | | | | | Currently the PAM and NSS client just return an error if there are problems on an open socket. This will lead to problems in long running programs like gdm if sssd is restarted, e.g. during an update. With this patch the socket is closed and reopened.
* Log TLS errors to syslogStephen Gallagher2010-07-092-1/+23
| | | | | Also adds support for detecting LDAPS errors by adding a check for SDAP_DIAGNOSTIC_MESSAGE after ldap_search_ext()
* Add syslog messages for LDAP GSSAPI bindStephen Gallagher2010-07-091-2/+58
| | | | | We will now emit a level 0 debug message on keytab errors, and also write to the syslog (LOG_DAEMON)
* Add log notifications for startup and shutdown.Stephen Gallagher2010-07-091-1/+4
|
* Add sss_log() functionStephen Gallagher2010-07-093-1/+83
| | | | | Right now, this log function writes to the syslog. In the future, it could be modified to work with ELAPI or another logging API.
* Make RootDSE optionalStephen Gallagher2010-06-282-3/+17
| | | | | | | | | | | In violation of the standard, some LDAP servers control access to the RootDSE, thus preventing us from being able to read it before performing a bind. This patch will allow us to continue on if the RootDSE was inaccessible. All of the places that we use the return value of the RootDSE after this are already checked for NULL and use sane defaults if the RootDSE is unavailable
* Add explicit requests for several operational attrsAlexander Gordeev2010-06-281-1/+12
| | | | | | | | | | | | | | | | Operational attributes are not returned in searched requests unless explicitly requested according to RFC 4512 section 5.1. Therefore to get several standard attributes of root DSE we have to request for them. The requested attrs are: - altServer - namingContexts - supportedControl - supportedExtension - supportedFeatures - supportedLDAPVersion - supportedSASLMechanisms Signed-off-by: Alexander Gordeev <lasaine@lvk.cs.msu.su>
* Fix SASL authenticationSumit Bose2010-06-281-2/+2
|
* Fixing types in queue and stack interfacesDmitri Pal2010-06-287-21/+20
|
* Bump libini_config version to 0.5.1Stephen Gallagher2010-06-282-3/+3
|
* Drop release requirement from versionsStephen Gallagher2010-06-281-4/+4
|
* Releasing SSSD 1.2.1sssd-1_2_1Stephen Gallagher2010-06-1815-1727/+1644
|
* Protect against segfault in remove_ldap_connection_callbacksStephen Gallagher2010-06-181-1/+6
| | | | | | | | | If sdap_mark_offline() is called before a live connection is established, sdap_fd_events could be NULL, causing a segfault when remove_ldap_connection_callbacks() attempts to free the sdap_fd_events->conncb https://fedorahosted.org/sssd/ticket/545
* Fix return value from remove_connection_callback() destructorStephen Gallagher2010-06-181-9/+2
| | | | | ldap_get_option() can only fail if the option we're removing has already been removed. It is sufficient to log this and continue.
* Fix potential resource leak in remove_tree_with_ctx()Stephen Gallagher2010-06-171-1/+10
| | | | https://fedorahosted.org/sssd/ticket/515
* Honor filter_users in PAMStephen Gallagher2010-06-173-10/+47
|
* Move setup of filter_users and filter_groups to negcache.cStephen Gallagher2010-06-173-187/+220
| | | | | Creates a new function - sss_ncache_prepopulate() - that can be shared with other responders, such as PAM.
* Refactor the negative cacheStephen Gallagher2010-06-176-67/+68
| | | | | Rename functions from nss_ncache_* to sss_ncache_* Move negative cache to responder/common and rename as negcache.c/h
* Initialize len before looping to read the pidfileStephen Gallagher2010-06-171-1/+1
| | | | https://fedorahosted.org/sssd/ticket/544
* Standardize on correct spelling of "principal" for krb5Stephen Gallagher2010-06-168-19/+19
| | | | https://fedorahosted.org/sssd/ticket/542
* Remove references to the DP service from the SSSDConfig API testsStephen Gallagher2010-06-162-6/+0
|
* Handle (ignore) unknown options in get_domain() and get_service()Stephen Gallagher2010-06-163-10/+72
| | | | | We will now eliminate any unknown options and providers to guarantee that the domain is safe for use.
* Add ldap_force_upper_case_realm to example AD configStephen Gallagher2010-06-141-0/+1
| | | | https://fedorahosted.org/sssd/ticket/532
* Print correct return codeJakub Hrozek2010-06-141-1/+1
| | | | Fixes: #535
* Check closedir call in find_uidJakub Hrozek2010-06-141-4/+9
| | | | Fixes: #503
* Potential memory leak in _nss_sss_*_r()Jakub Hrozek2010-06-142-0/+5
| | | | Fixes: #516
* Fix potential resource leak in copy_tree_ctx()Jakub Hrozek2010-06-141-2/+10
| | | | Ticket #515
* Don't segfault if ldap_access_filter is unspecifiedStephen Gallagher2010-06-141-12/+13
| | | | https://fedorahosted.org/sssd/ticket/539
* Fix invalid talloc_move in groupshowJakub Hrozek2010-06-141-1/+7
|
* get_uid_from_pid should use fstat rather than lstatJakub Hrozek2010-06-141-11/+11
| | | | Fixes: #541
* Properly null-terminate socket pathStephen Gallagher2010-06-141-2/+4
| | | | https://fedorahosted.org/sssd/ticket/540
* Remove the -g option from useraddJakub Hrozek2010-06-142-93/+2
|
* Undocument the krb5_changepw_principal optionJakub Hrozek2010-06-145-20/+3
| | | | Fixes: #531
* Addressing initialization issues.Dmitri Pal2010-06-101-6/+6
| | | | | Fixing bug found by coverity. Tciket #519
* Make sure to close varargs before returning from a functionStephen Gallagher2010-06-102-3/+2
| | | | https://fedorahosted.org/sssd/ticket/528
* Eliminate unused variable from pc_init_timeout()Stephen Gallagher2010-06-101-4/+0
| | | | https://fedorahosted.org/sssd/ticket/525
* Check return code of hash_delete in proxy_child_destructorStephen Gallagher2010-06-101-1/+7
| | | | | | | We can't do much about an error here, but we should be reporting it. https://fedorahosted.org/sssd/ticket/534
* Properly check that the timeout event was created for cleanup/enumStephen Gallagher2010-06-102-2/+46
| | | | | | | | | We need to make sure that if we didn't create the timeout, that we cancel the request so there's no chance of ending up with two enumerations/cleanups running simultaneously. We'll attempt to reschedule later, if possible. https://fedorahosted.org/sssd/ticket/524
* Check the correct variable for NULL after creating timerStephen Gallagher2010-06-103-4/+4
| | | | | | | | | In several places, we were creating a new timer and assigning it to the tev variable, but then we were checking for NULL from the te variable (which, incidentally, is guaranteed never to be NULL in this situation) https://fedorahosted.org/sssd/ticket/523
* Don't leak directory access resources on errors in directory_list()Stephen Gallagher2010-06-101-0/+8
| | | | https://fedorahosted.org/sssd/ticket/514
* Properly handle missing originalMemberOf entry in initgroupsStephen Gallagher2010-06-101-0/+1
| | | | | | | Failing to return after the tevent_req_post() here can result in a null-pointer dereference (along with other hard-to-track bugs) https://fedorahosted.org/sssd/ticket/507
* Avoid potential NULL dereferenceStephen Gallagher2010-06-101-3/+5
| | | | https://fedorahosted.org/sssd/ticket/506
* Fixing NULL dereferencing in ini_configDmitri Pal2010-06-101-24/+34
| | | | Addressing ticket #504
generated by cgit (git 2.34.1) at 2024-04-19 08:48:49 +0000