summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Dead assignments cleanup in providers codeJan Zeleny2010-09-086-20/+9
| | | | | | | Dead assignments were deleted. Also prototype of function sdap_access_decide_offline() has been changed, since its return code was never used. Ticket: #586
* Deobfuscate password in back endsJakub Hrozek2010-09-083-10/+66
| | | | | | When obfuscated password is used in config file, the LDAP backend converts it back to clear text and uses it to authenticate to the server.
* sss_obfuscate toolJakub Hrozek2010-09-084-1/+204
| | | | A tool to add obfuscated passwords into the SSSD config file
* Python bindings for obfuscationJakub Hrozek2010-09-081-3/+180
|
* Fix pysss linkingJakub Hrozek2010-09-081-0/+3
|
* Password obfuscation utility functionsJakub Hrozek2010-09-085-1/+667
| | | | | | | Adds two utility functions to obfuscate a password and inverse to extract the cleartext password back. So far, only NSS-based implementation is provided.
* Add safe copy/move macros for uint16_tJakub Hrozek2010-09-081-1/+11
|
* Move crypto functions into its own subdirJakub Hrozek2010-09-088-47/+119
| | | | | | A refactoring patch that creates a common util/crypto subdir with per-implementation subdirectories for each underlying crypto library supported by SSSD.
* Fixed small issue in memory context hierarchyJan Zeleny2010-09-071-1/+1
| | | | | In fail_over.c, there was a small bug causing subrequest to have wrong parent memory context. This patch fixes it.
* Reviewed sssd-ldap man pageJan Zeleny2010-09-071-7/+207
| | | | Some config options updated, newly documented 12 new options.
* Cleaned some dead assignmentsJan Zeleny2010-09-072-15/+13
| | | | | | Two needless assignments were deleted, two were complemented with code checking function results. Ticket: #582
* Package systemd unit fileJakub Hrozek2010-09-022-1/+18
| | | | | | | So far, the systemd unit file is only packaged but not used in any of the packaged spec files. Fixes: #483
* Fixed uninialized value in proxy_id providerJan Zeleny2010-09-021-0/+2
| | | | | | | In function get_pw_name when allocation of memory fails, there were two codepaths which could cause printing of undefined value. This patch fixes both cases. Ticket: #580
* Fixed printing of undefined value in sdap_async_accounts.cJan Zeleny2010-09-021-1/+1
| | | | | | | If sysdb_attrs_get_el() call failed in function sdap_save_group(), it would result in printing an undefined value of variable name. This is now fixed by initializing the variable. Ticket: #579
* Fixed potential comparison of undefined variableJan Zeleny2010-09-021-0/+1
| | | | | | If the allocation on line 678 failed, the value of ret was undefined in following comparison. ENOMEM is now assigned before the comparison. Ticket: #578
* Initialized return value in dp_copy_options()Jan Zeleny2010-09-021-1/+1
| | | | | | | In the very unlikely case dp_copy_options was called with num_options == 0, the return value as well as the left operand of comparison on line 214 would be undefined. Ticket: #577
* Fix wrong return value in HBAC time rules evaluationJakub Hrozek2010-09-021-0/+1
| | | | Fixes: #584
* Remove useless /etc/dbus-1/system.d directory from installationMaxim2010-09-021-2/+0
| | | | Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
* Add gentoo-specific init dirMaxim2010-09-022-1/+6
| | | | Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
* Add custom pam module dirMaxim2010-09-022-1/+8
| | | | Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
* Add gentoo distrubutionsMaxim2010-09-023-1/+28
| | | | Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
* Make ldap bind asynchronousMartin Nagy2010-09-028-167/+1222
| | | | | | Every ldap function that could possibly create a new connection is now wrapped in a tevent_req. If the connection is created, we will call the function again after the socket is ready for writing.
* Properly handle errors from a password change operationStephen Gallagher2010-09-021-8/+14
|
* Treat a zero-length password as a failureStephen Gallagher2010-08-241-0/+7
| | | | | Some LDAP servers allow binding with blank passwords. We should not allow a blank password to authenticate the SSSD.
* Don't build SSSDConfig API when configured with --without-python-bindingsStephen Gallagher2010-08-231-1/+14
|
* Fix configure check for ldbMaxim2010-08-231-1/+1
|
* Fix building sssdMaxim2010-08-231-0/+6
|
* Remove src/Makefile.am and src/configure.acStephen Gallagher2010-08-232-1226/+0
| | | | | They are no longer used. The toplevel Makefile.am builds everything now.
* Build SSSD RPMs with external librariesStephen Gallagher2010-08-191-225/+8
|
* Rewrite toplevel MakefileStephen Gallagher2010-08-1924-72/+1237
| | | | | | There is no longer a need to have nested Makefiles and configure scripts. This patch combines the src/ Makefile and configure.ac into the root.
* Remove common directoryStephen Gallagher2010-08-1990-37736/+2
| | | | | | | All files formerly in common are now being built individually out of the ding-libs repository. git clone git://git.fedorahosted.org/git/ding-libs.git
* Fix chpass operations with LDAP providerStephen Gallagher2010-08-041-0/+1
| | | | | | | The initial verification of the old password was returning an error because we were not explicitly setting dp_err to DP_ERR_SUCCESS and it was initialized earlier in the function to DP_ERR_FATAL.
* Releasing SSSD 1.3.0sssd-1_3_0Stephen Gallagher2010-08-0315-274/+298
|
* Clean up initgroups processing for RFC2307Stephen Gallagher2010-08-031-11/+89
| | | | | | | | Instead of recursively updating all users of each group the user being queried belongs to, just add or remove membership for the requested user. Fixes https://fedorahosted.org/sssd/ticket/478
* Add sysdb_update_members functionStephen Gallagher2010-08-033-0/+117
| | | | | | | | This function will take a user, a list of groups that this user should be added to and a list of groups the user should be removed from and will recursively call sysdb_[add|remove]_group_member Includes a unit test
* Add dup_string_list() utility functionStephen Gallagher2010-08-032-0/+37
|
* Add sysdb_group_dn_name utility functionStephen Gallagher2010-08-032-0/+24
|
* Add diff_string_lists utility functionStephen Gallagher2010-08-034-1/+449
| | | | Includes a unit test
* Add sysdb_attrs_to_list() utility functionStephen Gallagher2010-08-033-0/+112
|
* Return proper error value when SRV lookup failsJakub Hrozek2010-08-031-1/+1
| | | | Fixes: #587
* Fix check_time_rule() return value on failureJakub Hrozek2010-08-031-1/+1
| | | | | | | The value returned in the 'done:' label was always EOK which is wrong as any parsing errors are not returned to the caller. Fixes: #583
* be_pam_handler(): Fix potential NULL dereferenceStephen Gallagher2010-08-031-1/+2
|
* Fix two problems with --as-neededJakub Hrozek2010-08-032-3/+4
|
* Validate keytab at startupJakub Hrozek2010-08-034-48/+181
| | | | | | | | In addition to validating the keytab everytime a TGT is requested, we also validate the keytab on back end startup to give early warning that the keytab is not usable. Fixes: #556
* Fix getting default realm in the ldap childJakub Hrozek2010-08-031-1/+10
|
* Require -ltalloc for tevent configure checkStephen Gallagher2010-08-031-2/+8
|
* Allow sssd clients to reconnectSumit Bose2010-07-231-4/+3
| | | | | | | Currently the PAM and NSS client just return an error if there are problems on an open socket. This will lead to problems in long running programs like gdm if sssd is restarted, e.g. during an update. With this patch the socket is closed and reopened.
* Fix IPA access backend handling of obsolete and missing HBAC entries:eindenbom2010-07-231-9/+68
| | | | | - Ticket #567: Fix removal of obsolete HBAC host, rules and service records from sysdb. - Ticket #565: When no HBAC host record is found return PAM_PERM_DENIED instead of PAM_SYSTEM_ERROR.
* Do not treat missing HBAC rules as an errorSumit Bose2010-07-231-0/+5
|
* Updating es translationHéctor Daniel Cabrera2010-07-201-13/+13
|