summaryrefslogtreecommitdiffstats
path: root/src/providers/ad/ad_gpo.c
Commit message (Collapse)AuthorAgeFilesLines
* UTIL: Remove more code duplication setting up child processesJakub Hrozek2014-11-051-21/+2
| | | | | | | | All our child processes duplicated the same code that set up the debugging all around. Instead of adding yet another copy for the selinux_child, add a common utility function. Reviewed-by: Michal Židek <mzidek@redhat.com>
* UTIL: Remove code duplication of struct ioJakub Hrozek2014-11-051-40/+3
| | | | | | | | We had struct io and the associated destructor copied twice in the code already and need it again in the SELinux provider. Instead of adding another copy, move the code to a shared subtree under util/ Reviewed-by: Michal Židek <mzidek@redhat.com>
* GPO: Terminate request on errorJakub Hrozek2014-10-221-0/+2
| | | | Reviewed-by: Pavel Reichl <preichl@redhat.com>
* GPO: Do not use output argument if function failedLukas Slebodnik2014-10-131-4/+4
| | | | | | | | | deny_size and allow_size were initialized in function parse_policy_setting_value (output argument). If function parse_policy_setting_value fails then output arguments will not initialized and will be used uninitialized in debug macro. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* GPO: Fail if we cannot retrieve gpo from cache.Lukas Slebodnik2014-10-131-0/+6
| | | | | | The variable value could be used uninitialized. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* GPO: fail if there is problem with storing gpo into sysdbLukas Slebodnik2014-10-131-0/+14
| | | | Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* GPO: remove unused talloc contextsLukas Slebodnik2014-10-031-11/+8
| | | | | | | Talloc context was not used in functions ad_gpo_parse_gpo_child_response ad_gpo_process_cse_recv, ad_gpo_store_policy_settings. Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
* AD-GPO resolve conflicting policy settings correctlyYassir Elley2014-10-021-499/+412
| | | | | | | Resolves: https://fedorahosted.org/sssd/ticket/2437 Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
* AD GPO: Fix incorrect return of EACCESStephen Gallagher2014-10-021-2/+2
| | | | | | | | | | | | In the access providers, we expect to receive ERR_ACCESS_DENIED when access is denied, but we were returning EACCES here. The effect was the same, except that it presented ultimately as a system error instead of a proper denial. Related: https://fedorahosted.org/sssd/ticket/2437 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* AD: Add a missing break statement to the GPO codeJakub Hrozek2014-09-291-1/+2
| | | | Reviewed-by: Pavel Reichl <preichl@redhat.com>
* AD GPO: Fix incorrect sAMAccountName selectionStephen Gallagher2014-09-291-2/+2
| | | | Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* AD-GPO: delete stale GPOsYassir Elley2014-09-081-0/+36
| | | | | | https://fedorahosted.org/sssd/ticket/2431 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* AD-GPO: processing changes for gpo_map_* optionsYassir Elley2014-09-081-21/+422
| | | | | Reviewed-by: Sumit Bose <sbose@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* AD-GPO: ad_gpo changes for offline gpo supportYassir Elley2014-08-131-23/+149
| | | | Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* AD-GPO: add ad_gpo_cache_timeout optionYassir Elley2014-07-311-97/+182
| | | | Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* AD-GPO: only download policy files if gpo version changesYassir Elley2014-07-301-119/+209
| | | | | Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* AD: Increment som_index when advancing to the next GPOJakub Hrozek2014-07-291-0/+2
| | | | | | | When the GPO processing tried to advance to the next GPO on encountering an error, the som_index was not incremented, causing an infinite loop. Reviewed-by: Yassir Elley <yelley@redhat.com>
* AD: Check return value of ad_gpo_evaluate_daclJakub Hrozek2014-07-291-2/+7
| | | | Reviewed-by: Pavel Reichl <preichl@redhat.com>
* AD-GPO: Store policy settings in local filesYassir Elley2014-07-201-102/+264
| | | | Reviewed-by: Sumit Bose <sbose@redhat.com>
* AD-GPO: Add support for gpo permissive modeYassir Elley2014-07-011-2/+18
| | | | Reviewed-by: Sumit Bose <sbose@redhat.com>
* Use ldap_url_parse to extract hostname from ldap uriYassir Elley2014-07-011-5/+20
| | | | Reviewed-by: Sumit Bose <sbose@redhat.com>
* AD-GPO: Add gpo-smb implementation in gpo_child processYassir Elley2014-07-011-11/+877
| | | | Reviewed-by: Sumit Bose <sbose@redhat.com>
* AD-GPO: Fix some failure modes in ad_gpo.cYassir Elley2014-05-301-9/+18
| | | | Reviewed-by: Sumit Bose <sbose@redhat.com>
* AD-GPO: Remove dependency on libsamba-securityYassir Elley2014-05-231-25/+77
| | | | Reviewed-by: Sumit Bose <sbose@redhat.com>
* Implemented LDAP component of GPO-based access controlYassir Elley2014-05-131-0/+2248
Reviewed-by: Sumit Bose <sbose@redhat.com> Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
generated by cgit (git 2.34.1) at 2024-06-10 00:08:15 +0000