Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | sysdb: try dealing with binary-content attributessssd-1-8 | Jan Engelhardt | 2013-02-26 | 1 | -5/+3 |
| | | | | | | | | | | | | | | | | | | | | | | | | | https://fedorahosted.org/sssd/ticket/1818 I have here a LDAP user entry which has this attribute loginAllowedTimeMap:: AAAAAAAAAP///38AAP///38AAP///38AAP///38AAP///38AAAAAAAAA In the function sysdb_attrs_add_string(), called from sdap_attrs_add_ldap_attr(), strlen() is called on this blob, which is the wrong thing to do. The result of strlen is then used to populate the .v_length member of a struct ldb_val - and this will set it to zero in this case. (There is also the problem that there may not be a '\0' at all in the blob.) Subsequently, .v_length being 0 makes ldb_modify(), called from sysdb_set_entry_attr(), return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX. End result is that users do not get stored in the sysdb, and programs like `id` or `getent ...` show incomplete information. The bug was encountered with sssd-1.8.5. sssd-1.5.11 seemed to behave fine, but that may not mean that is the absolute lower boundary of introduction of the problem. | ||||
* | SSSD fails to store users if any of the requested attribute is empty. | Michal Zidek | 2013-02-21 | 1 | -0/+6 |
| | | | | https://fedorahosted.org/sssd/ticket/1440 | ||||
* | LDAP: Check validity of naming_context | Jakub Hrozek | 2013-01-29 | 1 | -1/+1 |
| | | | | | | | https://fedorahosted.org/sssd/ticket/1581 If the namingContext attribute had no values or multiple values, then our code would dereference a NULL pointer. | ||||
* | LDAP: Handle empty namingContexts values safely | Stephen Gallagher | 2013-01-29 | 1 | -0/+8 |
| | | | | | | | | Certain LDAP servers can return an empty string as the value of namingContexts. We need to treat these as NULL so that we can fail gracefully. https://fedorahosted.org/sssd/ticket/1542 | ||||
* | Add missing breaks to switch statements | Stephen Gallagher | 2012-02-13 | 1 | -0/+1 |
| | | | | Coverity #12525 and #12524 | ||||
* | LDAP: Add support for SSH user public keys | Jan Cholasta | 2012-02-07 | 1 | -2/+18 |
| | |||||
* | AUTOFS: LDAP provider | Jakub Hrozek | 2012-02-05 | 1 | -1/+12 |
| | |||||
* | LDAP: Do not fail if RootDSE check cannot determine search bases | Stephen Gallagher | 2012-02-04 | 1 | -1/+6 |
| | | | | https://fedorahosted.org/sssd/ticket/1152 | ||||
* | LDAP: Add enumeration support for services | Stephen Gallagher | 2012-01-31 | 1 | -0/+5 |
| | |||||
* | LDAP: Add support for service lookups (non-enum) | Stephen Gallagher | 2012-01-31 | 1 | -0/+11 |
| | |||||
* | LDAP: Improve debugging for sdap_parse_deref | Stephen Gallagher | 2012-01-23 | 1 | -4/+7 |
| | | | | | | Move the debug statement identifying the DN to an earlier line, so if we get a reply with no attributes, we know which entry is at fault. | ||||
* | SUDO Integration - LDAP configuration options | Pavel Březina | 2011-12-16 | 1 | -1/+13 |
| | |||||
* | Modified sdap_parse_search_base() | Jan Zeleny | 2011-11-23 | 1 | -1/+1 |
| | |||||
* | Cleanup: Remove unused parameters | Jakub Hrozek | 2011-11-22 | 1 | -2/+0 |
| | |||||
* | LDAP: Add parser for multiple search bases | Stephen Gallagher | 2011-11-02 | 1 | -26/+83 |
| | |||||
* | sss_ldap_err2string() - ldap_err2string() to sss_ldap_err2string() | Pavel Březina | 2011-09-06 | 1 | -14/+14 |
| | | | | https://fedorahosted.org/sssd/ticket/986 | ||||
* | OpenLDAP dereference searches | Jakub Hrozek | 2011-05-20 | 1 | -0/+159 |
| | | | | | | | | This dereference method is supported at least by OpenLDAP and 389DS/RHDS For more details, see: http://tools.ietf.org/html/draft-masarati-ldap-deref-00 | ||||
* | Remove append_attrs_to_array | Jakub Hrozek | 2011-05-20 | 1 | -11/+0 |
| | | | | This function was not used anywhere | ||||
* | Add value of the last USN to server configuration | Stephen Gallagher | 2011-04-19 | 1 | -0/+15 |
| | | | | | Related: https://fedorahosted.org/sssd/ticket/734 | ||||
* | Initialise srv_opts even if rootDSE is missing | Sumit Bose | 2011-04-11 | 1 | -38/+40 |
| | |||||
* | Remove LDAP_DEPRECATED | Sumit Bose | 2011-01-31 | 1 | -1/+0 |
| | |||||
* | Do not fail if attributes are empty | Sumit Bose | 2011-01-27 | 1 | -16/+29 |
| | | | | | | | Currently we fail if attributes are empty. But there are some use cases where requested attributes are empty. E.g Active Directory uses an empty member attribute to indicate that a subset of the members are in a range sub-attribute. | ||||
* | Add ldap_tls_{cert,key,cipher_suite} config options | Tyson Whitehead | 2011-01-20 | 1 | -0/+27 |
| | | | | Signed-off-by: Stephen Gallagher <sgallagh@redhat.com> | ||||
* | Fix unchecked return value in sdap_parse_entry() | Sumit Bose | 2010-12-14 | 1 | -1/+5 |
| | | | | https://fedorahosted.org/sssd/ticket/712 | ||||
* | Fix unchecked return value in sdap_get_msg_dn() | Sumit Bose | 2010-12-14 | 1 | -1/+6 |
| | | | | https://fedorahosted.org/sssd/ticket/712 | ||||
* | ldap: Use USN entries if available. | Simo Sorce | 2010-12-07 | 1 | -3/+55 |
| | | | | Otherwise fallback to the default modifyTimestamp indicator | ||||
* | ldap: add checks to determine if USN features are available. | Simo Sorce | 2010-12-07 | 1 | -1/+83 |
| | |||||
* | Fix const cast warning in build_attrs_from_map | Stephen Gallagher | 2010-11-15 | 1 | -3/+3 |
| | |||||
* | Sanitize ldap attributes in the config file | Stephen Gallagher | 2010-11-15 | 1 | -2/+21 |
| | | | | https://fedorahosted.org/sssd/ticket/458 | ||||
* | Review comments for namingContexts patches | Sumit Bose | 2010-11-05 | 1 | -5/+5 |
| | |||||
* | Use (default)namingContext to set empty search bases | Sumit Bose | 2010-11-04 | 1 | -0/+103 |
| | |||||
* | Check if control is supported before using it. | Simo Sorce | 2010-09-15 | 1 | -0/+18 |
| | |||||
* | Store rootdse supported features in sdap_handler | Sumit Bose | 2010-09-15 | 1 | -18/+64 |
| | |||||
* | Rename server/ directory to src/ | Stephen Gallagher | 2010-02-18 | 1 | -0/+388 |
Also update BUILD.txt |