summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Updating translations for 1.8.4 releasesssd-1_8_4Stephen Gallagher2012-05-3027-438/+1236
|
* Revert the client packet length, too, after reverting the packet protocolJakub Hrozek2012-05-291-1/+1
|
* NSS: Restore original protocol for getservbyportStephen Gallagher2012-05-252-3/+4
| | | | When fixing an endianness bug, we changed the protocol unnecessarily.
* Send 16bit protocol numbers from the sss_clientJakub Hrozek2012-05-252-7/+8
| | | | https://fedorahosted.org/sssd/ticket/1348
* Use sized_string correctly in FQDN domainsJakub Hrozek2012-05-231-2/+2
|
* Fixed issue in SELinux user mapsJan Zeleny2012-05-221-0/+2
| | | | | | There was an issue when IPA provider didn't set PAM_SUCCESS when successfully finished loading SELinux user maps. This lead to the map not being read in the responder.
* LDAP nested groups: Do not process callback with _post deep in the nested ↵Jakub Hrozek2012-05-221-12/+10
| | | | | | structure https://fedorahosted.org/sssd/ticket/1343
* Remove erroneous failure message in find_principal_in_keytabStef Walter2012-05-222-2/+4
| | | | | * When it's actually a failure, then the callers will print a message. Fine tune this.
* If canon'ing principals, write ccache with updated default principalStef Walter2012-05-222-3/+8
| | | | | | | | | | | * When calling krb5_get_init_creds_keytab() with krb5_get_init_creds_opt_set_canonicalize() the credential principal can get updated. * Create the cache file with the correct default credential. * LDAP GSSAPI SASL would fail due to the mismatched credentials before this patch. https://bugzilla.redhat.com/show_bug.cgi?id=811518
* KRB5: Avoid NULL-dereference with empty keytabStephen Gallagher2012-05-221-7/+13
| | | | https://fedorahosted.org/sssd/ticket/1330
* Limit krb5_get_init_creds_keytab() to etypes in keytabStef Walter2012-05-224-0/+181
| | | | | | | | | * Load the enctypes for the keys in the keytab and pass them to krb5_get_init_creds_keytab(). * This fixes the problem where the server offers a enctype that krb5 supports, but we don't have a key for in the keytab. https://bugzilla.redhat.com/show_bug.cgi?id=811375
* Warn to syslog when dereference requests failAriel Barria2012-05-221-2/+2
|
* NSS: Expire in-memory netgroup cache before the nowait timeoutStephen Gallagher2012-05-161-1/+9
| | | | | | | | The fact that we were keeping it in memory for the full duration of the cache timeout meant that we would never reap the benefits of the midpoint cache refresh. https://fedorahosted.org/sssd/ticket/1340
* Use the sysdb attribute name, not LDAP attribute nameJakub Hrozek2012-05-162-2/+2
|
* RPM: Allow running 'make rpms' on RHEL 5 machinesStephen Gallagher2012-05-151-5/+7
| | | | | | | | | | Our previous detection for this was flawed, because the %{rhel} macro did not exist on the version of RPM shipped with RHEL 5, but it worked when building for RHEL 5 through mock. This new patch relies on grepping /etc/redhat-release for the version information. https://fedorahosted.org/sssd/ticket/1206
* Potential NULL dereference in proxy providerAriel Barria2012-05-141-1/+1
|
* murmurhash: Relax inline requirementStephen Gallagher2012-05-111-2/+2
|
* build: resolve link failureJan Engelhardt2012-05-111-0/+1
| | | | | | | | | | | libtool: link: gcc -Wall -Wshadow -Wstrict-prototypes -Wpointer-arith -Wcast-qual -Wcast-align -Wwrite-strings -Werror-implicit-function-declaration -fno-strict-aliasing -fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -g -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -Wl,--version-script -Wl,./src/providers/sssd_be.exports -o sssd_be src/providers/data_provider_be.o src/providers/data_provider_fo.o src/providers/data_provider_opts.o src/providers/data_provider_callbacks.o src/providers/fail_over.o src/resolv/async_resolv.o -Wl,--export-dynamic -lpam -lcares ./.libs/libsss_util.a -ltevent -ltalloc -lpopt -lldb -ldbus-1 -lpcre -lini_config -lcollection -ldhash -llber -lldap -ltdb -lunistring -lcrypto /usr/lib64/gcc/x86_64-suse-linux/4.7/../../../../x86_64-suse-linux/bin/ld: src/providers/data_provider_be.o: undefined reference to symbol 'dlsym@@GLIBC_2.2.5' /usr/lib64/gcc/x86_64-suse-linux/4.7/../../../../x86_64-suse-linux/bin/ld: note: 'dlsym@@GLIBC_2.2.5' is defined in DSO /lib64/libdl.so.2 so try adding it to the linker command line /lib64/libdl.so.2: could not read symbols: Invalid operation collect2: error: ld returned 1 exit status make[2]: *** [sssd_be] Error 1 Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
* SYSDB: Handle user and group renames betterJakub Hrozek2012-05-112-7/+182
| | | | | | | | | | | | Fixes a regression in the local domain tools where sss_groupadd no longer detected a GID duplicate. The check for EEXIST is moved one level up into more high level function. The patch also adds the same rename support for users. I found it odd that we allowed a rename of groups but not users. There is a catch when storing a user -- his cached password would be gone. I think that renaming a user is such a rare operation that it's not severe, plus there is a warning in the logs.
* Send the correct enumeration requestJakub Hrozek2012-05-101-1/+1
| | | | https://fedorahosted.org/sssd/ticket/1329
* Try all KDCs when getting TGT for LDAPJakub Hrozek2012-05-091-15/+18
| | | | | | | | When the ldap child process is killed after a timeout, try the next KDC. When none of the ldap child processes succeed, just abort the connection because we wouldn't be able to authenticate to the LDAP server anyway. https://fedorahosted.org/sssd/ticket/1324
* krb5 locator: Do not leak addrinfoJakub Hrozek2012-05-071-0/+2
|
* Kerberos locator: Include the correct krb5.h header fileJakub Hrozek2012-05-072-2/+14
| | | | https://fedorahosted.org/sssd/ticket/1325
* Special-case LDAP_SIZELIMIT_EXCEEDEDJakub Hrozek2012-05-071-4/+9
| | | | | | | | | | | | Previous version of the SSSD did not abort the async LDAP search operation on errors. In cases where the request ended in progress, such as when the paging was very strictly limited, the old versions at least returned partial data. This patch special-cases the LDAP_SIZELIMIT_EXCEEDED error to avoid a user-visible regression. https://fedorahosted.org/sssd/ticket/1322
* Bump version to 1.8.4Stephen Gallagher2012-05-031-1/+1
|
* Update translations for 1.8.3 releasesssd-1_8_3Stephen Gallagher2012-05-0326-4467/+7025
|
* Read sysdb attribute name, not LDAP attribute map nameJakub Hrozek2012-05-031-2/+2
| | | | https://fedorahosted.org/sssd/ticket/1320
* Lowercase group members in case-insensitive domainsJakub Hrozek2012-04-241-1/+7
| | | | https://fedorahosted.org/sssd/ticket/1312
* confdb_get_bool needs a TALLOC_CTX in sssd-1.8Jakub Hrozek2012-04-241-1/+1
|
* Fix typo in translation fileStephen Gallagher2012-04-201-2/+2
|
* Fix typo: retreiving->retrievingYuri Chornoivan2012-04-201-1/+1
|
* Get the RootDSE after binding if not successfull beforeJakub Hrozek2012-04-201-26/+104
| | | | https://fedorahosted.org/sssd/ticket/1258
* Update translation filesStephen Gallagher2012-04-202-473/+589
|
* Two manual pages fixesMarco Pizzoli2012-04-202-1/+3
|
* Document sss_tools betterJakub Hrozek2012-04-209-0/+35
| | | | https://fedorahosted.org/sssd/ticket/917
* sdap_check_aliases must not error when detects the same userJakub Hrozek2012-04-201-13/+31
| | | | https://fedorahosted.org/sssd/ticket/1307
* proxy: new option proxy_fast_aliasJakub Hrozek2012-04-207-43/+143
|
* proxy: Canonicalize user and group namesJakub Hrozek2012-04-201-312/+354
| | | | https://fedorahosted.org/sssd/ticket/1249
* MAN: document the hostid and autofs providersJakub Hrozek2012-04-181-0/+60
|
* MAN: timeout can be specified for services, tooJakub Hrozek2012-04-181-14/+13
|
* autofs: Raise the maximum key length to PATH_MAXJakub Hrozek2012-04-181-2/+4
| | | | https://fedorahosted.org/sssd/ticket/1300
* sudo api: check sss_status instead of errnop in sss_sudo_send_recv_generic()Pavel Březina2012-04-181-2/+4
|
* Remove the "command" option from documentationJakub Hrozek2012-04-181-16/+0
| | | | | | It is a low-level developer option not indended to be consumed by users https://fedorahosted.org/sssd/ticket/1174
* Fix erronous reference to the 'allow' access_providerStef Walter2012-04-181-1/+1
| | | | | | | | * Should be 'permit' instead https://fedorahosted.org/sssd/ticket/1295 Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
* pam_sss: improve error handling in SELinux codeJakub Hrozek2012-04-181-3/+5
|
* MAN: Add ldap_sasl_minssf to the manpageStephen Gallagher2012-04-181-0/+16
|
* MAN: Improve ldap_disable_paging documentationStephen Gallagher2012-04-181-1/+4
|
* man: document that referral chasing might bring performance penaltyJakub Hrozek2012-04-181-0/+8
| | | | https://fedorahosted.org/sssd/ticket/1265
* Bumping version to 1.8.3Stephen Gallagher2012-04-091-1/+1
|
* Updating translation files for 1.8.2 releasesssd-1_8_2Stephen Gallagher2012-04-0926-377/+619
|
generated by cgit (git 2.34.1) at 2024-05-02 12:51:21 +0000