summaryrefslogtreecommitdiffstats
path: root/server
Commit message (Collapse)AuthorAgeFilesLines
* Use version.m4 for setting the SSSD versionStephen Gallagher2010-01-211-1/+4
| | | | | | | | This is the preferred way of setting the version in a file, as autotools will properly monitor this file for changes and rerun autoconf/configure when necessary to update the version. This means that we don't need to manually perform an autoreconf in order to build a new RPM
* Split off libdhash into a shared libraryStephen Gallagher2010-01-203-5/+23
| | | | | | | | Right now, the pkg-config checks for the system version of libdhash are forcibly disabled, requiring the SSSD to build it from its own tree. In the future, when we split the libraries off from the SSSD, it will be easy to switch this check to the external library.
* Fix a double free bugSumit Bose2010-01-201-3/+0
|
* Fix timeout memory heirarchyStephen Gallagher2010-01-201-2/+14
| | | | | | | | This fixes two issues: 1) Eliminates a double-free when a timeout occurs (we were freeing the running event context) 2) Ensures that we don't continue to schedule unnecessary timeout checks
* Deleting nonexistent users or groups is not a noopJakub Hrozek2010-01-202-4/+2
| | | | | | The manual pages for userdel and groupdel utilities incorrectly stated that deleting a nonexistent user or group is a noop. We changed that behavior, but forgot to sync the documentation.
* document debug_timestampsJakub Hrozek2010-01-202-0/+22
|
* Add sysdb request to authenticate against a cached passwordSumit Bose2010-01-208-217/+378
| | | | | | | | | The code for authentication against a cached password is moved from the pam responder to a generic sysdb tevent request. The new code can be used by other components of sssd to verify passwords on their own. Tests for the sysdb_cache_password and sysdb_cache_auth request are added and some unneeded or unused code and variables are removed.
* sss_groupshow - a utility to print properties of a local groupJakub Hrozek2010-01-209-2/+452
| | | | | | | This patch adds a utility called sss_groupshow that allows user to print properties of a group in the local domain. Fixes: #306
* Copy-edit, mainly fixing typos and EnglishDavid O'Brien2010-01-142-71/+68
| | | | | Some reformatting to stay within 79 char line length. Better definition of server vs. machine usage in failover section.
* Make sure callbacks never retry when ares channel is destroyedMartin Nagy2010-01-141-4/+12
| | | | | | When the resolv context destructor is invoked, the callbacks for pending queries could have been called with ARES_EDESTRUCTION and try to re-send the query.
* Don't recursively call ares_process_fd() from fd_event()Martin Nagy2010-01-141-17/+0
| | | | | | | | Since ares_process_fd() might also cause fd_event() to be called again, calling ares_process_fd() is unwise. The bug will cause a crash if c-ares is using tcp connections. Fixes: #384
* Make periodic checks for DNS timeoutsMartin Nagy2010-01-141-1/+82
| | | | | | | | Since we only call c-ares to process input on FD when there is an activity on them, c-ares never gets a chance to react to a timed-out request. This caused SSSD to hang. Fixes: #381
* Explicitly set async DNS timeoutStephen Gallagher2010-01-145-6/+15
| | | | We will allow 5s per DNS server, no retries.
* Fix #382, a segfault bug in the memberof plugin.Simo Sorce2010-01-121-1/+1
|
* Re-create c-ares channels if /etc/resolv.conf is modifiedMartin Nagy2010-01-123-14/+95
| | | | Fixes: #378
* Remove local and kerberos providers from the access_provider listStephen Gallagher2010-01-123-6/+2
| | | | Update tests to reflect these removals.
* Update SV translationPiotr Drąg2010-01-121-3/+2
|
* Fix return value when offline and TGT is validSumit Bose2010-01-111-1/+1
| | | | Fixes CVE-2010-0014
* Update SV translationGöran Uddeborg2010-01-051-3/+3
|
* Update translations for masterStephen Gallagher2010-01-059-411/+402
|
* Don't free timer events within the handler.Simo Sorce2010-01-051-16/+12
| | | | | | | Tevent frees timer handlers once done, so freeing the timer within the event is going to cause double frees. Just attach the timer event to the request it depends on and make sure to steal it on NULL if we are going to free the request from within the handler.
* Return an error for an unknown PAM requestSumit Bose2010-01-054-12/+41
|
* Allow debug_timestamps setting on a per-domain basisStephen Gallagher2009-12-212-0/+3
| | | | | This was missing from the SSSDConfig API, though it was supported by the daemon.
* Fix broken password changes for local usersStephen Gallagher2009-12-181-1/+6
|
* Do not blindly accept zero-length passwordsStephen Gallagher2009-12-182-8/+17
|
* Fix ldap child memory hierarchy and other issuesSimo Sorce2009-12-188-306/+482
| | | | | | | | | | | | | | | | | The timeout handler was not a child of the request so it could fire even though the request was already freed. The code wouldn't use async writes to the children so it could incur in a short write with no way to detect or recover from it. Also fixed style of some helper functions to pass explicit paramters instead of a general structure. Add common code to do async writes to pipes. Fixed async write issue for the krb5_child as well. Fix also sdap_kinit_done(), a return statement was missing and we were mixing SDAP_AUTH and errno return codes in state->result Remove usless helper function that just replicates talloc_strndup()
* Fix for #344Sumit Bose2009-12-181-13/+11
| | | | | Do not handle a missing ccache file as inactive by default, check if there are still active processes of the user.
* Do not overwrite valid TGTs when offlineSumit Bose2009-12-185-43/+185
|
* Handle chauthtok with PAM_PRELIM_CHECK separatelySumit Bose2009-12-186-21/+75
| | | | | | If pam_sm_chauthtok is called with the flag PAM_PRELIM_CHECK set we generate a separate call to the sssd to validate the old password before asking for a new password and sending the change password request.
* disable password migration codeSumit Bose2009-12-171-2/+2
|
* Clarify access_provider manpage entryStephen Gallagher2009-12-171-1/+3
| | | | We support installed access providers as well as permit and deny
* Add DEBUG messages to getpwnam_callback and getpwuid_callbackStephen Gallagher2009-12-171-0/+4
| | | | This matches the DEBUG logging available for groups.
* Updating ES translationStephen Gallagher2009-12-171-20/+36
|
* Fix tight-loop in monitor part 2Stephen Gallagher2009-12-171-0/+5
| | | | | The first fix only fixed tight loops caused by setting 'timeout=0' in services. This patch also fixes it for domains.
* Change default for enumeration to TRUEStephen Gallagher2009-12-172-2/+2
|
* Raise DEBUG level of sdap_get_generic_done()Stephen Gallagher2009-12-171-1/+1
| | | | | | | The DEBUG level of the result should not be lower than the DEBUG level of the request. It generates too much noise when enumerate is enabled or initgroups deals with groups with large numbers of users.
* Update SV translationGöran Uddeborg2009-12-151-26/+35
|
* Fix warning in server.cStephen Gallagher2009-12-151-1/+1
| | | | | Function definition was missing "void" to denote that it took no arguments.
* Don't set explicit default for "timeout" in domainsStephen Gallagher2009-12-151-1/+1
|
* Fix tight loop in monitorStephen Gallagher2009-12-152-4/+9
| | | | | | If the domain heartbeat time was explicitly set in the configuration to 0, we would enter a tight loop in the heartbeat check and never answer requests from the child processes.
* Cleanup db files after test runSumit Bose2009-12-152-2/+21
|
* Fix upgrade bug #323Simo Sorce2009-12-151-180/+186
| | | | | | | | | Move the upgrade function first and check explicitly for the old ldb name. Perform upgrades up to v02 first if necessary. Then proceed as normal letting the normal init functions perform further upgrades if necessary. This now works also if there is no "local" provider in the current configuration.
* Properly close STDERR when daemonizingStephen Gallagher2009-12-151-9/+3
| | | | | | | | This is necessary so that any process managing our startup and shutdown (e.g. authconfig) does not block and stall waiting for stderr to terminate. Fixes bug https://fedorahosted.org/sssd/ticket/324
* Update IT translationMarina Latini2009-12-152-0/+644
|
* Update SV translationGöran Uddeborg2009-12-151-86/+101
|
* Build python modules in builddirSumit Bose2009-12-152-4/+13
| | | | | | | This requires increasing the required autoconf version to 2.59 for use of $(abs_builddir). Fix uninstallation of python files as well
* Check for minimal version of checkSumit Bose2009-12-151-1/+1
| | | | Test loops and _i are only available since 0.9.5.
* Use sys.exit instead of exitSumit Bose2009-12-151-1/+2
|
* fail over: Change the first server pick logicMartin Nagy2009-12-151-5/+26
| | | | | | | | | | The logic of selecting the server to fail over to was changed so that we start from the server next to the one that didn't work the last time. This is because the status of a server that failed last time might get reset before we try another one. This can cause that we try to use the nonworking server repeatedly, not giving a chance to other servers. Fixes: #321
* Don't consider one address with different port numbers as the sameMartin Nagy2009-12-156-21/+38
| | | | | | | | | | | | | There were two problems with the code. We were using fo_set_server_status() instead of fo_set_port_status() when we failed to connect to a service. This is a problem because if two services use the same server, or we want to use one server with two different ports, marking the whole server as bad is incorrect. The other problem was that be_resolve_server_done() was comparing the hostent structures -- these are, however, equal across multiple server:port pairs with the same server addresses. Fixes: #321
generated by cgit (git 2.34.1) at 2024-04-28 02:57:51 +0000