summaryrefslogtreecommitdiffstats
path: root/server
Commit message (Collapse)AuthorAgeFilesLines
* Add German translationFabian Affolter2009-12-092-0/+656
|
* Add missing options to sssd-ipa configuraionStephen Gallagher2009-12-091-0/+72
|
* Properly deny id_provider=filesStephen Gallagher2009-12-092-6/+7
|
* Correctly restart server status after the timeoutMartin Nagy2009-12-091-1/+1
| | | | | | | The macro STATUS_DIFF() was wrong causing the result to always be lower than 0, therefore the timeout was never reached. Fixes: #302
* Add some debugging statements to fail_over and resolverMartin Nagy2009-12-092-5/+69
| | | | | These were very useful for debugging and hopefully still will be in the future.
* Ensure that list_active_domains returns the real valueStephen Gallagher2009-12-091-4/+16
| | | | | | | | Previously, we were accidentally filtering out domains that were not configured, so deleted domains might still appear in the active domain list. This patch should ensure that this never happens.
* SSSDConfig.get_domain() should properly detect active stateStephen Gallagher2009-12-092-0/+30
|
* Don't build the SRV and TXT parsing code except for testsJakub Hrozek2009-12-092-8/+18
|
* Import ares 1.7.0 helpersJakub Hrozek2009-12-0910-116/+374
|
* Change ares usage to be c-ares 1.7.0 compatibleJakub Hrozek2009-12-093-87/+102
| | | | | | * Rename structure accordingly to ares upstream * Use new ares parsing functions in the wrappers * fix tests for ares 1.7
* SSSDConfig API: fix deactivate_domain()Stephen Gallagher2009-12-092-2/+73
| | | | | deactivate_domain() would crash if it attempted to deactivate an already-inactive domain
* Reduce code duplication between LDAP child and Kerberos childJakub Hrozek2009-12-094-234/+160
| | | | Fixes: #294
* Do not start with provider=filesJakub Hrozek2009-12-081-0/+6
| | | | Fixes: #233
* Fix SSSDConfig API bugs around [de-]activation of domainsStephen Gallagher2009-12-082-7/+152
| | | | | | | | | Adds two new public functions: SSSDConfig.activate_domain() SSSDConfig.deactivate_domain() These two functions are used during the save_domain() call to ensure that the active domain list is always kept up to date.
* Fix broken SSSDChangeConf.set() functionStephen Gallagher2009-12-081-1/+1
| | | | | | The set function didn't do anything at all. It needed to use the ipachangeconf.merge() function to behave properly instead of mergeNew()
* Reduce the verbosity of the SSSDConfigTestStephen Gallagher2009-12-081-4/+4
| | | | Now it will report only failures or final success
* Add SSSDDomain.set_name() function to SSSDConfig APIStephen Gallagher2009-12-082-3/+77
| | | | This function will change the name of an existing domain
* dhash: Add private pointer for delete callbackSimo Sorce2009-12-082-2/+3
| | | | | Also pass a flag to the delete callback to tell it if this is a normal entry removal or we are cleaning up the tbale definitively.
* Add Spanish translationbeckerde2009-12-081-166/+191
|
* Add Portuguese translationruigo2009-12-082-0/+654
|
* Make SSSDDomain.remove_provider() remove configured optionsStephen Gallagher2009-12-082-6/+54
| | | | | | | We will remove all options for a provider that are not also required by another configured provider. (For example, we will not remove krb5_realm when deleting the krb5 auth provider if the LDAP provider is in use, since it may still require this argument).
* SSSDDomain.remove_provider() requires only the provider typeStephen Gallagher2009-12-082-12/+18
| | | | | There was no valid reason to require the backend type when specifying a provider to remove.
* Fix potential uninitialized value error in responder_dp.cStephen Gallagher2009-12-081-1/+1
| | | | | | If we fell into the default case of the switch statement, we would attempt to talloc_free() a random memory location. This patch guarantees that sdp_req is NULL if it has not been initialized.
* Fix potential uninitialized value errors in nsssrv_cmd.cStephen Gallagher2009-12-081-1/+2
|
* Avoid returning uninitialized result.Stephen Gallagher2009-12-081-0/+1
| | | | | If grouplist was a zero-length array, we would return ret unitialized.
* Add allocation error checkStephen Gallagher2009-12-081-7/+10
|
* Change dhash API to be talloc-friendlySimo Sorce2009-12-081-16/+4
|
* Add dummy credentials to an empty ccache fileSumit Bose2009-12-081-2/+54
| | | | | | | | | Application like krb5-auth-dialog might get confused if there is a credential cache file without any credentials in it. This patch adds an expired credential where only the client and the server principal are set. The client principal is the user's principal and the server principal corresponds to a TGT principal of the realm the user belongs to.
* Fail on nonexistent input fileJakub Hrozek2009-12-082-3/+12
|
* Handle spaces in config parserJakub Hrozek2009-12-083-2/+43
| | | | Fixes: #301
* Fix bug #311, properly set callback attributeSimo Sorce2009-12-071-0/+1
|
* Allow nesting to fix #310Simo Sorce2009-12-073-0/+5
|
* Add offline support for ipa_accessSumit Bose2009-12-072-17/+134
|
* Add checks to test the memberuid handlingSumit Bose2009-12-071-13/+495
|
* Try to renew Kerberos credentialsSumit Bose2009-12-075-2/+189
| | | | | | | | When using GSSAPI we need a valid service ticket to talk to the LDAP server. If the ticket is expired the LDAP client returns with 'Can't contact LDAP server'. Currently we set the backend offline if this error occurs although the server is still available. This patch checks if the TGT is expired and tries to renew the credentials before going offline.
* Add basic OS detectionSumit Bose2009-12-074-2/+40
| | | | | Detect if the OS is Fedora, RHEL or SUSE and install the SUSE start-script on SUSE systems.
* Fix nested group membershipsSimo Sorce2009-12-076-221/+299
| | | | | | | | | Search the local db to find the local DN using the original DN as search key. This way we do not have to rely on weak and faulty heuristicts based on DN names. Add a few helper functions in the process and change the way we pass members to sysdb_store_group_send(), instead of passing users and groups list, just add member DNs to the other sysdb attrs.
* Make strdn build functions more availableSimo Sorce2009-12-073-42/+58
|
* Resolve nested groups also when rfc2307bis is usedSimo Sorce2009-12-071-68/+2
|
* Do not treat missing proc files as errors.Sumit Bose2009-12-071-0/+10
|
* Add sysdb_search_custom requestSumit Bose2009-12-073-74/+206
|
* Raise debug log level for LDB_DEBUG_WARNINGStephen Gallagher2009-12-031-1/+1
| | | | Level 3 was far too low for mostly-useless messages
* Make debug log timestamps human-readableStephen Gallagher2009-12-032-4/+13
|
* Use the custom password field in groups too.Simo Sorce2009-12-031-3/+5
| | | | Groups also need to honor the settable password field and use * by default.
* Use memberuid and not member in group enumerationsSimo Sorce2009-12-032-54/+9
| | | | | | This allows for correctly reporting nested group members, while at the same time not paying a too high price for caluclating nested groups at runtime e very time a search is made.
* Compute and save memberuid in cache as wellSimo Sorce2009-12-031-108/+690
| | | | | | | | | This patch adds a new generated attribute to every group that has direct or indirect members. This attribute is called memberuid and contains the name of the users that are directo or indirect members of this group. This is done to greatly speed up group enumerations when NSS reads groups off the cache.
* Fix memberof pluginSimo Sorce2009-12-031-12/+15
| | | | | A loop was badly built and was skipping entries. This left some memberof attributes in place that should have been removed.
* Check LDAP structure before calling ldap_unbind_ext()Sumit Bose2009-12-031-1/+3
|
* Check the services started against a list of known servicesJakub Hrozek2009-12-031-0/+29
| | | | Fixes: #241
* Setup ldap child logging from IPA backendJakub Hrozek2009-12-034-45/+54
| | | | Fixes: #296
generated by cgit (git 2.34.1) at 2024-05-03 20:47:02 +0000