summaryrefslogtreecommitdiffstats
path: root/server
Commit message (Collapse)AuthorAgeFilesLines
* Fix licensing issues in SSSDStephen Gallagher2010-02-183-0/+72
|
* Remove replaceStephen Gallagher2010-02-181-10/+0
|
* Fix size error on 64-bit systemsStephen Gallagher2010-01-251-1/+1
|
* Pointers to non 32 bit aligned data were being cast to uint32_t *George McCollister2010-01-222-9/+11
| | | | | | | | uint32_t pointers must point to 32 bit aligned data on ARM. Instead of padding the data to force it into alignment I altered the code to memcpy the data to an aligned location. I'd appreciate any and all feedback especially on whether I took the best approach. pam_test_client auth and pam_test_client acct now work on my armeb-xscale-linux-gnueabi target. Signed-off-by: George McCollister <georgem@opteron.novatech-llc.com>
* Fix async resolver integration with teventStephen Gallagher2010-01-221-7/+19
| | | | | | | We weren't properly setting read/write flags on the tevent fd events, so c-ares was unable to perform bidirectional communication for TCP DNS (in situations where the response is too large to send by UDP)
* Add missing link for KerberosStephen Gallagher2010-01-221-1/+2
|
* Use version.m4 for setting the SSSD versionStephen Gallagher2010-01-221-1/+4
| | | | | | | | This is the preferred way of setting the version in a file, as autotools will properly monitor this file for changes and rerun autoconf/configure when necessary to update the version. This means that we don't need to manually perform an autoreconf in order to build a new RPM
* Fix a double free bugSumit Bose2010-01-221-3/+0
|
* Fix timeout memory heirarchyStephen Gallagher2010-01-221-2/+14
| | | | | | | | This fixes two issues: 1) Eliminates a double-free when a timeout occurs (we were freeing the running event context) 2) Ensures that we don't continue to schedule unnecessary timeout checks
* Deleting nonexistent users or groups is not a noopJakub Hrozek2010-01-222-4/+2
| | | | | | The manual pages for userdel and groupdel utilities incorrectly stated that deleting a nonexistent user or group is a noop. We changed that behavior, but forgot to sync the documentation.
* document debug_timestampsJakub Hrozek2010-01-222-0/+22
|
* Copy-edit, mainly fixing typos and EnglishDavid O'Brien2010-01-142-71/+68
| | | | | Some reformatting to stay within 79 char line length. Better definition of server vs. machine usage in failover section.
* Make sure callbacks never retry when ares channel is destroyedMartin Nagy2010-01-141-4/+12
| | | | | | When the resolv context destructor is invoked, the callbacks for pending queries could have been called with ARES_EDESTRUCTION and try to re-send the query.
* Don't recursively call ares_process_fd() from fd_event()Martin Nagy2010-01-141-17/+0
| | | | | | | | Since ares_process_fd() might also cause fd_event() to be called again, calling ares_process_fd() is unwise. The bug will cause a crash if c-ares is using tcp connections. Fixes: #384
* Make periodic checks for DNS timeoutsMartin Nagy2010-01-141-1/+82
| | | | | | | | Since we only call c-ares to process input on FD when there is an activity on them, c-ares never gets a chance to react to a timed-out request. This caused SSSD to hang. Fixes: #381
* Explicitly set async DNS timeoutStephen Gallagher2010-01-145-6/+15
| | | | We will allow 5s per DNS server, no retries.
* Fix #382, a segfault bug in the memberof plugin.Simo Sorce2010-01-141-1/+1
|
* Re-create c-ares channels if /etc/resolv.conf is modifiedMartin Nagy2010-01-143-14/+95
| | | | Fixes: #378
* Remove local and kerberos providers from the access_provider listStephen Gallagher2010-01-143-6/+2
| | | | Update tests to reflect these removals.
* Update SV translationStephen Gallagher2010-01-141-3/+2
|
* Fix return value when offline and TGT is validSumit Bose2010-01-111-1/+1
| | | | Fixes CVE-2010-0014
* Allow debug_timestamps setting on a per-domain basisStephen Gallagher2009-12-212-0/+3
| | | | | This was missing from the SSSDConfig API, though it was supported by the daemon.
* Fix broken password changes for local usersStephen Gallagher2009-12-181-1/+6
|
* Do not blindly accept zero-length passwordsStephen Gallagher2009-12-182-8/+17
|
* Fix ldap child memory hierarchy and other issuesSimo Sorce2009-12-188-306/+482
| | | | | | | | | | | | | | | | | The timeout handler was not a child of the request so it could fire even though the request was already freed. The code wouldn't use async writes to the children so it could incur in a short write with no way to detect or recover from it. Also fixed style of some helper functions to pass explicit paramters instead of a general structure. Add common code to do async writes to pipes. Fixed async write issue for the krb5_child as well. Fix also sdap_kinit_done(), a return statement was missing and we were mixing SDAP_AUTH and errno return codes in state->result Remove usless helper function that just replicates talloc_strndup()
* Fix for #344Sumit Bose2009-12-181-13/+11
| | | | | Do not handle a missing ccache file as inactive by default, check if there are still active processes of the user.
* Do not overwrite valid TGTs when offlineSumit Bose2009-12-185-43/+185
|
* Handle chauthtok with PAM_PRELIM_CHECK separatelySumit Bose2009-12-186-21/+75
| | | | | | If pam_sm_chauthtok is called with the flag PAM_PRELIM_CHECK set we generate a separate call to the sssd to validate the old password before asking for a new password and sending the change password request.
* disable password migration codeSumit Bose2009-12-171-2/+2
|
* Clarify access_provider manpage entryStephen Gallagher2009-12-171-1/+3
| | | | We support installed access providers as well as permit and deny
* Add DEBUG messages to getpwnam_callback and getpwuid_callbackStephen Gallagher2009-12-171-0/+4
| | | | This matches the DEBUG logging available for groups.
* Updating ES translationStephen Gallagher2009-12-171-19/+35
|
* Fix tight-loop in monitor part 2Stephen Gallagher2009-12-171-0/+5
| | | | | The first fix only fixed tight loops caused by setting 'timeout=0' in services. This patch also fixes it for domains.
* Change default for enumeration to TRUEStephen Gallagher2009-12-172-2/+2
|
* Raise DEBUG level of sdap_get_generic_done()Stephen Gallagher2009-12-171-1/+1
| | | | | | | The DEBUG level of the result should not be lower than the DEBUG level of the request. It generates too much noise when enumerate is enabled or initgroups deals with groups with large numbers of users.
* Update SV translationGöran Uddeborg2009-12-151-26/+35
|
* Fix warning in server.cStephen Gallagher2009-12-151-1/+1
| | | | | Function definition was missing "void" to denote that it took no arguments.
* Don't set explicit default for "timeout" in domainsStephen Gallagher2009-12-151-1/+1
|
* Fix tight loop in monitorStephen Gallagher2009-12-152-4/+9
| | | | | | If the domain heartbeat time was explicitly set in the configuration to 0, we would enter a tight loop in the heartbeat check and never answer requests from the child processes.
* Cleanup db files after test runSumit Bose2009-12-152-2/+21
|
* Fix upgrade bug #323Simo Sorce2009-12-151-180/+186
| | | | | | | | | Move the upgrade function first and check explicitly for the old ldb name. Perform upgrades up to v02 first if necessary. Then proceed as normal letting the normal init functions perform further upgrades if necessary. This now works also if there is no "local" provider in the current configuration.
* Properly close STDERR when daemonizingStephen Gallagher2009-12-151-9/+3
| | | | | | | | This is necessary so that any process managing our startup and shutdown (e.g. authconfig) does not block and stall waiting for stderr to terminate. Fixes bug https://fedorahosted.org/sssd/ticket/324
* Update IT translationMarina Latini2009-12-152-0/+644
|
* Update SV translationGöran Uddeborg2009-12-151-84/+94
|
* Build python modules in builddirSumit Bose2009-12-152-4/+13
| | | | | | | This requires increasing the required autoconf version to 2.59 for use of $(abs_builddir). Fix uninstallation of python files as well
* Check for minimal version of checkSumit Bose2009-12-151-1/+1
| | | | Test loops and _i are only available since 0.9.5.
* Use sys.exit instead of exitSumit Bose2009-12-151-1/+2
|
* fail over: Change the first server pick logicMartin Nagy2009-12-151-5/+26
| | | | | | | | | | The logic of selecting the server to fail over to was changed so that we start from the server next to the one that didn't work the last time. This is because the status of a server that failed last time might get reset before we try another one. This can cause that we try to use the nonworking server repeatedly, not giving a chance to other servers. Fixes: #321
* Don't consider one address with different port numbers as the sameMartin Nagy2009-12-156-21/+38
| | | | | | | | | | | | | There were two problems with the code. We were using fo_set_server_status() instead of fo_set_port_status() when we failed to connect to a service. This is a problem because if two services use the same server, or we want to use one server with two different ports, marking the whole server as bad is incorrect. The other problem was that be_resolve_server_done() was comparing the hostent structures -- these are, however, equal across multiple server:port pairs with the same server addresses. Fixes: #321
* Updating to version 0.99.1sssd-0_99_1Stephen Gallagher2009-12-118-412/+408
|