Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Delete unused structure in IPA access code | Jan Zeleny | 2012-02-06 | 1 | -7/+0 |
| | |||||
* | Separate the host-retrieval code from IPA HBAC to common IPA code | Jan Zeleny | 2012-02-06 | 6 | -469/+535 |
| | |||||
* | Renamed some sysdb constants for their wider usage | Jan Zeleny | 2012-02-06 | 2 | -6/+6 |
| | |||||
* | Make password migration code use the IPA config retrieval code | Jan Zeleny | 2012-02-06 | 1 | -57/+14 |
| | |||||
* | Add support for generic IPA config retrieval | Jan Zeleny | 2012-02-06 | 2 | -0/+208 |
| | |||||
* | Fixed minor memory-hierarchy-related issue in IPA HBAC | Jan Zeleny | 2012-02-06 | 1 | -1/+2 |
| | |||||
* | Implemented support for multiple search bases in HBAC rules and services | Jan Zeleny | 2012-02-06 | 9 | -116/+364 |
| | |||||
* | AUTOFS: LDAP provider | Jakub Hrozek | 2012-02-05 | 2 | -1/+26 |
| | |||||
* | NSS: Add individual timeouts for entry types | Stephen Gallagher | 2012-02-04 | 5 | -9/+11 |
| | | | | https://fedorahosted.org/sssd/ticket/1016 | ||||
* | LDAP: Do not fail if RootDSE check cannot determine search bases | Stephen Gallagher | 2012-02-04 | 1 | -0/+7 |
| | | | | https://fedorahosted.org/sssd/ticket/1152 | ||||
* | Fixed wrong position of ldap_service_search_base | Jan Zeleny | 2012-02-01 | 1 | -1/+1 |
| | | | | | | The wrong position in configuration directive array caused problems in IPA provider, which tried to fetch another value instead of the services lookup base. | ||||
* | IPA: Add support for services lookups (non-enum) | Stephen Gallagher | 2012-01-31 | 2 | -1/+41 |
| | |||||
* | docs: Use absolute srcdir path | Jakub Hrozek | 2012-01-30 | 1 | -1/+1 |
| | | | | | | Building docs only worked in parallel builds. This patch uses abs_top_srcdir to make building documentation work in both parallel and in-tree builds. | ||||
* | LDAP: Add option to disable paging control | Stephen Gallagher | 2012-01-18 | 2 | -2/+3 |
| | | | | Fixes https://fedorahosted.org/sssd/ticket/967 | ||||
* | SUDO Integration - periodical update of rules in data provider | Pavel Březina | 2012-01-17 | 2 | -1/+3 |
| | | | | | | | | https://fedorahosted.org/sssd/ticket/1110 Adds new configuration options: - ldap_sudo_refresh_enabled - enable/disable periodical updates - ldap_sudo_refresh_timeout - rules timeout (refresh period) | ||||
* | SUDO Integration review issues | Pavel Březina | 2012-01-17 | 1 | -2/+2 |
| | |||||
* | IPA: Detect nsupdate support for the realm directive | Stephen Gallagher | 2012-01-17 | 1 | -14/+40 |
| | | | | | For older platforms, do not add the 'realm' line in the update message | ||||
* | Raise the debug level of two very noisy statements | Stephen Gallagher | 2012-01-17 | 1 | -2/+3 |
| | |||||
* | Support multiple search bases in HBAC | Jan Zeleny | 2012-01-14 | 5 | -39/+176 |
| | |||||
* | IPA netgroups: Do not reuse loop iterator variable | Jakub Hrozek | 2012-01-06 | 1 | -3/+3 |
| | |||||
* | HBAC: create empty groups with one NULL element | Jakub Hrozek | 2012-01-06 | 1 | -16/+15 |
| | | | | https://fedorahosted.org/sssd/ticket/1130 | ||||
* | Pass sdap_id_ctx to online check from IPA provider | Jakub Hrozek | 2011-12-19 | 3 | -1/+14 |
| | |||||
* | Move child_common routines to util | Stephen Gallagher | 2011-12-19 | 2 | -2/+2 |
| | |||||
* | SUDO Integration - LDAP configuration options | Pavel Březina | 2011-12-16 | 2 | -1/+40 |
| | |||||
* | Export the function to convert ldb_result to sysdb_attrs | Jakub Hrozek | 2011-12-16 | 1 | -1/+1 |
| | | | | It will be reused later in the sudo responder | ||||
* | Add sdap_connection_expire_timeout option | Stephen Gallagher | 2011-12-12 | 2 | -2/+3 |
| | | | | https://fedorahosted.org/sssd/ticket/1036 | ||||
* | Fix uninitialized value error in ipa_netgroups.c | Stephen Gallagher | 2011-12-12 | 1 | -0/+1 |
| | | | | | | | DEBUG message can print an unitialized value if the first netgroup has no members. Coverity 12382 | ||||
* | Fixed IPA netgroup processing | Jan Zeleny | 2011-12-09 | 3 | -2/+7 |
| | | | | | | | | In case IPA netgroup had indirect member hosts, they wouldn't be detected. This patch also modifies debug messages for easier debugging in the future. | ||||
* | Add ldap_sasl_minssf option | Jan Zeleny | 2011-12-08 | 2 | -1/+2 |
| | | | | https://fedorahosted.org/sssd/ticket/1075 | ||||
* | Allow using Glib for UTF8 support | Stephen Gallagher | 2011-12-05 | 1 | -33/+11 |
| | |||||
* | Add ipa_hbac_support_srchost option to IPA provider | Jan Zeleny | 2011-11-29 | 6 | -36/+151 |
| | | | | | don't fetch all host groups if this option is false https://fedorahosted.org/sssd/ticket/1078 | ||||
* | IPA migration fixes | Jakub Hrozek | 2011-11-29 | 3 | -97/+141 |
| | | | | | | | * use the id connection for looking up the migration flag * force TLS on the password based authentication connection https://fedorahosted.org/sssd/ticket/924 | ||||
* | Provide means of forcing TLS and GSSAPI enabled/disabled for sdap connections | Jakub Hrozek | 2011-11-29 | 1 | -1/+1 |
| | |||||
* | Fixed logically dead code in netgroup processing | Jan Zeleny | 2011-11-28 | 1 | -1/+1 |
| | |||||
* | Fixed uninitialized pointer read in netgroups processing | Jan Zeleny | 2011-11-28 | 1 | -0/+6 |
| | |||||
* | Fix sdap_id_ctx/ipa_id_ctx mismatch in IPA provider | Jakub Hrozek | 2011-11-25 | 2 | -2/+4 |
| | | | | | This was causing a segfault during HBAC processing and any ID lookups except for netgroups | ||||
* | Added IPA account info handler | Jan Zeleny | 2011-11-23 | 3 | -1/+373 |
| | | | | | Currently it is only handling netgroups by itself, other requests are forwarded to LDAP provider. | ||||
* | Added support for fetching netgroups in IPA provider | Jan Zeleny | 2011-11-23 | 1 | -0/+992 |
| | |||||
* | New IPA ID context | Jan Zeleny | 2011-11-23 | 3 | -22/+37 |
| | |||||
* | Added and modified options for IPA netgroups | Jan Zeleny | 2011-11-23 | 2 | -24/+69 |
| | |||||
* | Modified sdap_parse_search_base() | Jan Zeleny | 2011-11-23 | 1 | -4/+4 |
| | |||||
* | Cleanup: Remove unused parameters | Jakub Hrozek | 2011-11-22 | 10 | -40/+6 |
| | |||||
* | Support to request canonicalization in LDAP/IPA provider | Jan Zeleny | 2011-11-02 | 2 | -1/+2 |
| | | | | https://fedorahosted.org/sssd/ticket/957 | ||||
* | Add support to request canonicalization on krb AS requests | Jan Zeleny | 2011-11-02 | 2 | -2/+3 |
| | | | | https://fedorahosted.org/sssd/ticket/957 | ||||
* | LDAP: Add parser for multiple search bases | Stephen Gallagher | 2011-11-02 | 1 | -0/+20 |
| | |||||
* | Add a missing break | Jakub Hrozek | 2011-10-17 | 1 | -0/+1 |
| | |||||
* | HBAC: Use originalMember for identifying hostgroups | Stephen Gallagher | 2011-10-14 | 3 | -45/+165 |
| | |||||
* | HBAC: Use originalMember for identifying servicegroups | Stephen Gallagher | 2011-10-14 | 3 | -41/+169 |
| | |||||
* | HBAC: Do not save member/memberOf links | Stephen Gallagher | 2011-10-14 | 1 | -120/+0 |
| | | | | We can just trust the values from the FreeIPA server | ||||
* | HBAC: fix typos preventing proper hostgroup evaluation | Stephen Gallagher | 2011-09-28 | 1 | -3/+3 |
| |