summaryrefslogtreecommitdiffstats
path: root/src/providers/ldap/sdap.c
Commit message (Collapse)AuthorAgeFilesLines
* sysdb: try dealing with binary-content attributessssd-1-8Jan Engelhardt2013-02-261-5/+3
| | | | | | | | | | | | | | | | | | | | | | | | | https://fedorahosted.org/sssd/ticket/1818 I have here a LDAP user entry which has this attribute loginAllowedTimeMap:: AAAAAAAAAP///38AAP///38AAP///38AAP///38AAP///38AAAAAAAAA In the function sysdb_attrs_add_string(), called from sdap_attrs_add_ldap_attr(), strlen() is called on this blob, which is the wrong thing to do. The result of strlen is then used to populate the .v_length member of a struct ldb_val - and this will set it to zero in this case. (There is also the problem that there may not be a '\0' at all in the blob.) Subsequently, .v_length being 0 makes ldb_modify(), called from sysdb_set_entry_attr(), return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX. End result is that users do not get stored in the sysdb, and programs like `id` or `getent ...` show incomplete information. The bug was encountered with sssd-1.8.5. sssd-1.5.11 seemed to behave fine, but that may not mean that is the absolute lower boundary of introduction of the problem.
* SSSD fails to store users if any of the requested attribute is empty.Michal Zidek2013-02-211-0/+6
| | | | https://fedorahosted.org/sssd/ticket/1440
* LDAP: Check validity of naming_contextJakub Hrozek2013-01-291-1/+1
| | | | | | | https://fedorahosted.org/sssd/ticket/1581 If the namingContext attribute had no values or multiple values, then our code would dereference a NULL pointer.
* LDAP: Handle empty namingContexts values safelyStephen Gallagher2013-01-291-0/+8
| | | | | | | | Certain LDAP servers can return an empty string as the value of namingContexts. We need to treat these as NULL so that we can fail gracefully. https://fedorahosted.org/sssd/ticket/1542
* Add missing breaks to switch statementsStephen Gallagher2012-02-131-0/+1
| | | | Coverity #12525 and #12524
* LDAP: Add support for SSH user public keysJan Cholasta2012-02-071-2/+18
|
* AUTOFS: LDAP providerJakub Hrozek2012-02-051-1/+12
|
* LDAP: Do not fail if RootDSE check cannot determine search basesStephen Gallagher2012-02-041-1/+6
| | | | https://fedorahosted.org/sssd/ticket/1152
* LDAP: Add enumeration support for servicesStephen Gallagher2012-01-311-0/+5
|
* LDAP: Add support for service lookups (non-enum)Stephen Gallagher2012-01-311-0/+11
|
* LDAP: Improve debugging for sdap_parse_derefStephen Gallagher2012-01-231-4/+7
| | | | | | Move the debug statement identifying the DN to an earlier line, so if we get a reply with no attributes, we know which entry is at fault.
* SUDO Integration - LDAP configuration optionsPavel Březina2011-12-161-1/+13
|
* Modified sdap_parse_search_base()Jan Zeleny2011-11-231-1/+1
|
* Cleanup: Remove unused parametersJakub Hrozek2011-11-221-2/+0
|
* LDAP: Add parser for multiple search basesStephen Gallagher2011-11-021-26/+83
|
* sss_ldap_err2string() - ldap_err2string() to sss_ldap_err2string()Pavel Březina2011-09-061-14/+14
| | | | https://fedorahosted.org/sssd/ticket/986
* OpenLDAP dereference searchesJakub Hrozek2011-05-201-0/+159
| | | | | | | | This dereference method is supported at least by OpenLDAP and 389DS/RHDS For more details, see: http://tools.ietf.org/html/draft-masarati-ldap-deref-00
* Remove append_attrs_to_arrayJakub Hrozek2011-05-201-11/+0
| | | | This function was not used anywhere
* Add value of the last USN to server configurationStephen Gallagher2011-04-191-0/+15
| | | | | Related: https://fedorahosted.org/sssd/ticket/734
* Initialise srv_opts even if rootDSE is missingSumit Bose2011-04-111-38/+40
|
* Remove LDAP_DEPRECATEDSumit Bose2011-01-311-1/+0
|
* Do not fail if attributes are emptySumit Bose2011-01-271-16/+29
| | | | | | | Currently we fail if attributes are empty. But there are some use cases where requested attributes are empty. E.g Active Directory uses an empty member attribute to indicate that a subset of the members are in a range sub-attribute.
* Add ldap_tls_{cert,key,cipher_suite} config optionsTyson Whitehead2011-01-201-0/+27
| | | | Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
* Fix unchecked return value in sdap_parse_entry()Sumit Bose2010-12-141-1/+5
| | | | https://fedorahosted.org/sssd/ticket/712
* Fix unchecked return value in sdap_get_msg_dn()Sumit Bose2010-12-141-1/+6
| | | | https://fedorahosted.org/sssd/ticket/712
* ldap: Use USN entries if available.Simo Sorce2010-12-071-3/+55
| | | | Otherwise fallback to the default modifyTimestamp indicator
* ldap: add checks to determine if USN features are available.Simo Sorce2010-12-071-1/+83
|
* Fix const cast warning in build_attrs_from_mapStephen Gallagher2010-11-151-3/+3
|
* Sanitize ldap attributes in the config fileStephen Gallagher2010-11-151-2/+21
| | | | https://fedorahosted.org/sssd/ticket/458
* Review comments for namingContexts patchesSumit Bose2010-11-051-5/+5
|
* Use (default)namingContext to set empty search basesSumit Bose2010-11-041-0/+103
|
* Check if control is supported before using it.Simo Sorce2010-09-151-0/+18
|
* Store rootdse supported features in sdap_handlerSumit Bose2010-09-151-18/+64
|
* Rename server/ directory to src/Stephen Gallagher2010-02-181-0/+388
Also update BUILD.txt
generated by cgit (git 2.34.1) at 2024-05-13 11:26:27 +0000