sssd.git - sssd with jhrozek's patches

	Commit message (Collapse)	Author	Age	Files	Lines
*	Fix: IPv6 address with square brackets doesn't work.	Michal Zidek	2012-08-23	1	-0/+7
\| \| \| \|	https://fedorahosted.org/sssd/ticket/1365
*	Consolidation of functions that make realm upper-case	Ondrej Kos	2012-08-23	1	-8/+2
\|
*	Duplicate detection in fail over did not work.	Michal Zidek	2012-08-15	1	-1/+6
\| \| \| \|	https://fedorahosted.org/sssd/ticket/1472
*	SRV resolution for backup servers should not be permitted.	Michal Zidek	2012-08-09	1	-1/+9
\| \| \| \|	https://fedorahosted.org/sssd/ticket/1463
*	Primary server support: IPA adaptation	Jan Zeleny	2012-08-01	1	-33/+74
\| \| \| \| \| \|	This patch adds support for the primary server functionality into IPA provider. No backup servers are added at the moment, just the basic support is in place.
*	Primary server support: basic support in failover code	Jan Zeleny	2012-08-01	1	-1/+1
\| \| \| \| \| \| \| \|	Now there are two list of servers for each service. If currently selected server is only backup, then an event will be scheduled which tries to get connection to one of primary servers and if it succeeds, it starts using this server instead of the one which is currently connected to.
*	KRB5: Drop memctx parameter of krb5_try_kdcip	Stephen Gallagher	2012-07-06	1	-1/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	This function is not supposed to return any newly-allocated memory directly. It was actually leaking the memory for krb5_servers if krb5_kdcip was being used, though it was undetectable because it was allocated on the provided memctx. This patch removes the memctx parameter and allocates krb5_servers temporarily on NULL and ensures that it is freed on all exit conditions. It is not necessary to retain this memory, as dp_opt_set_string() performs a talloc_strdup onto the appropriate context internally. It also updates the DEBUG messages for this function to the appropriate new macro levels.
*	Add support for ID ranges	Sumit Bose	2012-06-21	1	-0/+26
\|
*	IPA subdomains - ask for information about master domain	Jan Zeleny	2012-06-10	1	-0/+26
\| \| \| \| \| \| \|	The query is performed only if there is missing information in the cache. That means this should be done only once after restart when cache doesn't exist. All subsequent requests for subdomains won't include the request for master domain.
*	IPA: Check return values	Jakub Hrozek	2012-05-03	1	-2/+6
\|
*	IPA: Add get-domains target	Sumit Bose	2012-04-24	1	-0/+26
\|
*	Remove old compatibility tests	Stephen Gallagher	2012-03-28	1	-16/+0
\| \| \| \| \| \| \|	These are now replaced by the more accurate tests. This patch also drops the runtime option-count check, since we are always performing the more complete check at build-time.
*	Put dp_option maps in their own file	Stephen Gallagher	2012-03-28	1	-215/+1
\| \| \| \|	There is no functional change due to this patch.
*	IPA: Check nsAccountLock during PAM_ACCT_MGMT	Stephen Gallagher	2012-03-09	1	-1/+1
\| \| \| \|	https://fedorahosted.org/sssd/ticket/1227
*	IPA: Set the DNS discovery domain to match ipa_domain	Stephen Gallagher	2012-03-01	1	-1/+3
\| \| \| \|	https://fedorahosted.org/sssd/ticket/1217
*	IPA hosts refactoring	Jan Zeleny	2012-02-24	1	-16/+36
\|
*	IPA: Add ipa_parse_search_base()	Stephen Gallagher	2012-02-23	1	-9/+44
\| \| \| \| \| \| \| \| \| \|	Previously, we were using sdap_parse_search_base() for setting up the search_base objects for use in IPA. However, this was generating unfriendly log messages about unknown search base types. This patch creates a new common_parse_search_base() routine that can be used with either LDAP or IPA providers. https://fedorahosted.org/sssd/ticket/1151
*	AUTOFS: IPA provider	Jakub Hrozek	2012-02-07	1	-25/+91
\|
*	IPA: Add host info handler	Jan Cholasta	2012-02-07	1	-0/+1
\|
*	LDAP: Add support for SSH user public keys	Jan Cholasta	2012-02-07	1	-1/+2
\|
*	Update shadowLastChanged attribute during LDAP password change	Jan Zeleny	2012-02-06	1	-0/+1
\| \| \| \|	https://fedorahosted.org/sssd/ticket/1019
*	Session target in IPA provider	Jan Zeleny	2012-02-06	1	-0/+47
\|
*	Renamed some sysdb constants for their wider usage	Jan Zeleny	2012-02-06	1	-2/+2
\|
*	Implemented support for multiple search bases in HBAC rules and services	Jan Zeleny	2012-02-06	1	-1/+24
\|
*	AUTOFS: LDAP provider	Jakub Hrozek	2012-02-05	1	-0/+25
\|
*	NSS: Add individual timeouts for entry types	Stephen Gallagher	2012-02-04	1	-1/+0
\| \| \| \|	https://fedorahosted.org/sssd/ticket/1016
*	Fixed wrong position of ldap_service_search_base	Jan Zeleny	2012-02-01	1	-1/+1
\| \| \| \| \| \|	The wrong position in configuration directive array caused problems in IPA provider, which tried to fetch another value instead of the services lookup base.
*	IPA: Add support for services lookups (non-enum)	Stephen Gallagher	2012-01-31	1	-0/+38
\|
*	LDAP: Add option to disable paging control	Stephen Gallagher	2012-01-18	1	-1/+2
\| \| \| \|	Fixes https://fedorahosted.org/sssd/ticket/967
*	SUDO Integration - periodical update of rules in data provider	Pavel Březina	2012-01-17	1	-0/+2
\| \| \| \| \| \| \| \|	https://fedorahosted.org/sssd/ticket/1110 Adds new configuration options: - ldap_sudo_refresh_enabled - enable/disable periodical updates - ldap_sudo_refresh_timeout - rules timeout (refresh period)
*	SUDO Integration review issues	Pavel Březina	2012-01-17	1	-2/+2
\|
*	SUDO Integration - LDAP configuration options	Pavel Březina	2011-12-16	1	-0/+39
\|
*	Add sdap_connection_expire_timeout option	Stephen Gallagher	2011-12-12	1	-1/+2
\| \| \| \|	https://fedorahosted.org/sssd/ticket/1036
*	Fixed IPA netgroup processing	Jan Zeleny	2011-12-09	1	-0/+1
\| \| \| \| \| \| \| \|	In case IPA netgroup had indirect member hosts, they wouldn't be detected. This patch also modifies debug messages for easier debugging in the future.
*	Add ldap_sasl_minssf option	Jan Zeleny	2011-12-08	1	-0/+1
\| \| \| \|	https://fedorahosted.org/sssd/ticket/1075
*	Add ipa_hbac_support_srchost option to IPA provider	Jan Zeleny	2011-11-29	1	-1/+2
\| \| \| \| \|	don't fetch all host groups if this option is false https://fedorahosted.org/sssd/ticket/1078
*	Added and modified options for IPA netgroups	Jan Zeleny	2011-11-23	1	-24/+46
\|
*	Modified sdap_parse_search_base()	Jan Zeleny	2011-11-23	1	-4/+4
\|
*	Support to request canonicalization in LDAP/IPA provider	Jan Zeleny	2011-11-02	1	-0/+1
\| \| \| \|	https://fedorahosted.org/sssd/ticket/957
*	Add support to request canonicalization on krb AS requests	Jan Zeleny	2011-11-02	1	-1/+2
\| \| \| \|	https://fedorahosted.org/sssd/ticket/957
*	LDAP: Add parser for multiple search bases	Stephen Gallagher	2011-11-02	1	-0/+20
\|
*	Add LDAP provider option to set LDAP_OPT_X_SASL_NOCANON	Jakub Hrozek	2011-08-26	1	-1/+2
\| \| \| \|	https://fedorahosted.org/sssd/ticket/978
*	Change the default value of ldap_tls_cacert in IPA provider	Jakub Hrozek	2011-08-01	1	-1/+1
\| \| \| \|	https://fedorahosted.org/sssd/ticket/944
*	fo_get_server_name() getter for a server name	Jakub Hrozek	2011-07-21	1	-1/+9
\| \| \| \| \|	Allows to be more concise in tests and more defensive in resolve callbacks
*	Rename fo_get_server_name to fo_get_server_str_name	Jakub Hrozek	2011-07-21	1	-2/+2
\|
*	Remove unused krb5_service structure member	Jakub Hrozek	2011-07-13	1	-2/+0
\|
*	Escape IP address in kdcinfo	Jakub Hrozek	2011-07-11	1	-10/+10
\| \| \| \|	https://fedorahosted.org/sssd/ticket/909
*	Move IP adress escaping from the LDAP namespace	Jakub Hrozek	2011-07-11	1	-3/+3
\|
*	Add LDAP access control based on NDS attributes	Sumit Bose	2011-07-08	1	-1/+4
\|
*	Add ipa_hbac_treat_deny_as option	Stephen Gallagher	2011-07-08	1	-1/+2
\| \| \| \| \| \|	By default, we will treat the presence of any DENY rule as denying all users. This option will allow the admin to explicitly ignore DENY rules during a transitional period.