Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | IPA: Add support for services lookups (non-enum) | Stephen Gallagher | 2012-01-31 | 2 | -1/+41 |
| | |||||
* | docs: Use absolute srcdir path | Jakub Hrozek | 2012-01-30 | 1 | -1/+1 |
| | | | | | | Building docs only worked in parallel builds. This patch uses abs_top_srcdir to make building documentation work in both parallel and in-tree builds. | ||||
* | LDAP: Add option to disable paging control | Stephen Gallagher | 2012-01-18 | 2 | -2/+3 |
| | | | | Fixes https://fedorahosted.org/sssd/ticket/967 | ||||
* | SUDO Integration - periodical update of rules in data provider | Pavel Březina | 2012-01-17 | 2 | -1/+3 |
| | | | | | | | | https://fedorahosted.org/sssd/ticket/1110 Adds new configuration options: - ldap_sudo_refresh_enabled - enable/disable periodical updates - ldap_sudo_refresh_timeout - rules timeout (refresh period) | ||||
* | SUDO Integration review issues | Pavel Březina | 2012-01-17 | 1 | -2/+2 |
| | |||||
* | IPA: Detect nsupdate support for the realm directive | Stephen Gallagher | 2012-01-17 | 1 | -14/+40 |
| | | | | | For older platforms, do not add the 'realm' line in the update message | ||||
* | Raise the debug level of two very noisy statements | Stephen Gallagher | 2012-01-17 | 1 | -2/+3 |
| | |||||
* | Support multiple search bases in HBAC | Jan Zeleny | 2012-01-14 | 5 | -39/+176 |
| | |||||
* | IPA netgroups: Do not reuse loop iterator variable | Jakub Hrozek | 2012-01-06 | 1 | -3/+3 |
| | |||||
* | HBAC: create empty groups with one NULL element | Jakub Hrozek | 2012-01-06 | 1 | -16/+15 |
| | | | | https://fedorahosted.org/sssd/ticket/1130 | ||||
* | Pass sdap_id_ctx to online check from IPA provider | Jakub Hrozek | 2011-12-19 | 3 | -1/+14 |
| | |||||
* | Move child_common routines to util | Stephen Gallagher | 2011-12-19 | 2 | -2/+2 |
| | |||||
* | SUDO Integration - LDAP configuration options | Pavel Březina | 2011-12-16 | 2 | -1/+40 |
| | |||||
* | Export the function to convert ldb_result to sysdb_attrs | Jakub Hrozek | 2011-12-16 | 1 | -1/+1 |
| | | | | It will be reused later in the sudo responder | ||||
* | Add sdap_connection_expire_timeout option | Stephen Gallagher | 2011-12-12 | 2 | -2/+3 |
| | | | | https://fedorahosted.org/sssd/ticket/1036 | ||||
* | Fix uninitialized value error in ipa_netgroups.c | Stephen Gallagher | 2011-12-12 | 1 | -0/+1 |
| | | | | | | | DEBUG message can print an unitialized value if the first netgroup has no members. Coverity 12382 | ||||
* | Fixed IPA netgroup processing | Jan Zeleny | 2011-12-09 | 3 | -2/+7 |
| | | | | | | | | In case IPA netgroup had indirect member hosts, they wouldn't be detected. This patch also modifies debug messages for easier debugging in the future. | ||||
* | Add ldap_sasl_minssf option | Jan Zeleny | 2011-12-08 | 2 | -1/+2 |
| | | | | https://fedorahosted.org/sssd/ticket/1075 | ||||
* | Allow using Glib for UTF8 support | Stephen Gallagher | 2011-12-05 | 1 | -33/+11 |
| | |||||
* | Add ipa_hbac_support_srchost option to IPA provider | Jan Zeleny | 2011-11-29 | 6 | -36/+151 |
| | | | | | don't fetch all host groups if this option is false https://fedorahosted.org/sssd/ticket/1078 | ||||
* | IPA migration fixes | Jakub Hrozek | 2011-11-29 | 3 | -97/+141 |
| | | | | | | | * use the id connection for looking up the migration flag * force TLS on the password based authentication connection https://fedorahosted.org/sssd/ticket/924 | ||||
* | Provide means of forcing TLS and GSSAPI enabled/disabled for sdap connections | Jakub Hrozek | 2011-11-29 | 1 | -1/+1 |
| | |||||
* | Fixed logically dead code in netgroup processing | Jan Zeleny | 2011-11-28 | 1 | -1/+1 |
| | |||||
* | Fixed uninitialized pointer read in netgroups processing | Jan Zeleny | 2011-11-28 | 1 | -0/+6 |
| | |||||
* | Fix sdap_id_ctx/ipa_id_ctx mismatch in IPA provider | Jakub Hrozek | 2011-11-25 | 2 | -2/+4 |
| | | | | | This was causing a segfault during HBAC processing and any ID lookups except for netgroups | ||||
* | Added IPA account info handler | Jan Zeleny | 2011-11-23 | 3 | -1/+373 |
| | | | | | Currently it is only handling netgroups by itself, other requests are forwarded to LDAP provider. | ||||
* | Added support for fetching netgroups in IPA provider | Jan Zeleny | 2011-11-23 | 1 | -0/+992 |
| | |||||
* | New IPA ID context | Jan Zeleny | 2011-11-23 | 3 | -22/+37 |
| | |||||
* | Added and modified options for IPA netgroups | Jan Zeleny | 2011-11-23 | 2 | -24/+69 |
| | |||||
* | Modified sdap_parse_search_base() | Jan Zeleny | 2011-11-23 | 1 | -4/+4 |
| | |||||
* | Cleanup: Remove unused parameters | Jakub Hrozek | 2011-11-22 | 10 | -40/+6 |
| | |||||
* | Support to request canonicalization in LDAP/IPA provider | Jan Zeleny | 2011-11-02 | 2 | -1/+2 |
| | | | | https://fedorahosted.org/sssd/ticket/957 | ||||
* | Add support to request canonicalization on krb AS requests | Jan Zeleny | 2011-11-02 | 2 | -2/+3 |
| | | | | https://fedorahosted.org/sssd/ticket/957 | ||||
* | LDAP: Add parser for multiple search bases | Stephen Gallagher | 2011-11-02 | 1 | -0/+20 |
| | |||||
* | Add a missing break | Jakub Hrozek | 2011-10-17 | 1 | -0/+1 |
| | |||||
* | HBAC: Use originalMember for identifying hostgroups | Stephen Gallagher | 2011-10-14 | 3 | -45/+165 |
| | |||||
* | HBAC: Use originalMember for identifying servicegroups | Stephen Gallagher | 2011-10-14 | 3 | -41/+169 |
| | |||||
* | HBAC: Do not save member/memberOf links | Stephen Gallagher | 2011-10-14 | 1 | -120/+0 |
| | | | | We can just trust the values from the FreeIPA server | ||||
* | HBAC: fix typos preventing proper hostgroup evaluation | Stephen Gallagher | 2011-09-28 | 1 | -3/+3 |
| | |||||
* | IPA access: hostname comparison should be case-insensitive | Jakub Hrozek | 2011-09-28 | 1 | -1/+1 |
| | |||||
* | Multiline macro cleanup | Jakub Hrozek | 2011-09-28 | 2 | -2/+2 |
| | | | | | | | | | | This is mostly a cosmetic patch. The purpose of wrapping a multi-line macro in a do { } while(0) is to make the macro usable as a regular statement, not a compound statement. When the while(0) is terminated with a semicolon, the do { } while(0); block becomes a compound statement again. | ||||
* | Improve documentation of libipa_hbac | Stephen Gallagher | 2011-09-08 | 2 | -21/+1697 |
| | |||||
* | Do not access memory out of bounds | Sumit Bose | 2011-09-07 | 1 | -2/+2 |
| | |||||
* | HBAC: Properly skip all non-group memberOf entries | Stephen Gallagher | 2011-08-29 | 1 | -1/+2 |
| | |||||
* | HBAC: Use of hostgroups for targethost or sourcehost was broken | Stephen Gallagher | 2011-08-26 | 1 | -4/+4 |
| | | | | | We were trying to look up the wrong attribute for the name of the hostgroup. | ||||
* | HBAC: Handle saving groups that have no members | Stephen Gallagher | 2011-08-26 | 1 | -7/+21 |
| | |||||
* | Add LDAP provider option to set LDAP_OPT_X_SASL_NOCANON | Jakub Hrozek | 2011-08-26 | 2 | -2/+3 |
| | | | | https://fedorahosted.org/sssd/ticket/978 | ||||
* | IPA dyndns: do not segfault if the server cannot be resolved | Jakub Hrozek | 2011-08-25 | 1 | -4/+2 |
| | | | | https://fedorahosted.org/sssd/ticket/963 | ||||
* | sysdb refactoring: memory context deleted | Jan Zeleny | 2011-08-15 | 2 | -3/+3 |
| | | | | | | This patch deletes memory context parameter in those places in sysdb where it is not necessary. The code using modified functions has been updated. Tests updated as well. | ||||
* | sysdb refactoring: deleted domain variables in sysdb API | Jan Zeleny | 2011-08-15 | 6 | -17/+12 |
| | | | | | The patch also updates code using modified functions. Tests have also been adjusted. |