summaryrefslogtreecommitdiffstats
path: root/src/providers/ldap
Commit message (Collapse)AuthorAgeFilesLines
...
* Fix segfault in sdap_get_initgr_userJakub Hrozek2011-11-071-1/+2
|
* Support to request canonicalization in LDAP/IPA providerJan Zeleny2011-11-025-0/+26
| | | | https://fedorahosted.org/sssd/ticket/957
* LDAP: Add support for multiple search bases for group enumerationStephen Gallagher2011-11-024-24/+101
|
* LDAP: Add support for multiple search bases for user enumerationStephen Gallagher2011-11-024-8/+49
|
* LDAP: Convert ldap_*_search_filterStephen Gallagher2011-11-023-59/+23
| | | | | | Instead of making this a global option for all user lookups, make it only used if the search base is passed without an explicit filter.
* LDAP: Add multiple search bases for initgroups (RFC2307bis groups)Stephen Gallagher2011-11-021-77/+225
|
* LDAP: Add multiple search bases for initgroups (RFC2307 groups)Stephen Gallagher2011-11-021-17/+99
|
* LDAP: Add multiple search bases for initgroups (users)Stephen Gallagher2011-11-021-30/+72
|
* LDAP: Support multiple group search bases (non-enumeration, RFC2307)Stephen Gallagher2011-11-024-16/+74
|
* LDAP: Support multiple netgroup search basesStephen Gallagher2011-11-023-14/+65
|
* LDAP: Support multiple user search bases (non-enumeration)Stephen Gallagher2011-11-024-14/+70
|
* LDAP: Add parser for multiple search basesStephen Gallagher2011-11-024-26/+360
|
* Make sdap_get_id_specific_filter() more strictStephen Gallagher2011-11-022-4/+4
|
* Fix size return for split_on_separator()Stephen Gallagher2011-11-021-5/+5
| | | | | | | It was returning the size of the array, rather than the number of elements. (The array was NULL-terminated). This argument was only used in one place that was actually working around this odd return value.
* Remove unused sdap_options attributesStephen Gallagher2011-11-021-3/+0
| | | | These DNs were never assigned or referenced anywhere.
* Cleanup of unused function in ldap access providerJan Zeleny2011-11-021-2/+0
|
* Remove confusing do-while loopJakub Hrozek2011-11-021-35/+36
| | | | | The deref processing would return a single control back. The do-while loop was harmless but confusing.
* Use LDAPDerefSpec properlyJakub Hrozek2011-11-021-4/+6
| | | | | | | | ldap_create_deref_control_value expects an array of LDAPDerefSpec structures with LDAPDerefSpec.derefAttr == NULL as a sentinel. We were passing a single instance of a LDAPDerefSpec structure. https://fedorahosted.org/sssd/ticket/1050
* Steal result onto mem_ctx in sdap_initgr_nested_get_direct_parentsJakub Hrozek2011-10-311-2/+1
|
* RFC2307bis initgroups: fix nested groups processingJakub Hrozek2011-10-311-20/+33
| | | | | Due to incorrectly written loop, SSSD would go into infitite loop if it processed the same group on two different levels of membership.
* Plug memory leaks in LDAP providerJakub Hrozek2011-10-251-0/+3
|
* Cancel transactions correctly during initgroupsJakub Hrozek2011-10-171-13/+31
|
* Use fewer transactions during IPA initgroupsJakub Hrozek2011-10-171-171/+273
|
* Use fewer transactions during RFC2307bis initgroupsJakub Hrozek2011-10-171-346/+366
|
* Utility functions for LDAP nested schema initgroupsJakub Hrozek2011-10-171-0/+119
|
* SysDB commands that save lastUpdate allows this value to be passed inPavel Březina2011-10-135-21/+41
| | | | https://fedorahosted.org/sssd/ticket/836
* Fix small bug where TALLOC_CTX could end up unfreed.Pavel Zuna2011-10-061-3/+3
|
* Use explicit base 10 for converting strings to integersJakub Hrozek2011-10-031-2/+2
| | | | https://fedorahosted.org/sssd/ticket/1013
* Store name aliases for users, groupsJakub Hrozek2011-09-285-37/+216
| | | | | | Also checks fake users for aliases when storing a real users so that getgrnam for a RFC2307 group that references a user by his secondary name followed by getpwnam for this user by his primary name works
* Add a sysdb_get_direct_parents functionJakub Hrozek2011-09-281-57/+5
|
* Fixed bad logic in processing netgroups in LDAP providerJan Zeleny2011-09-281-1/+3
|
* Multiline macro cleanupJakub Hrozek2011-09-282-3/+3
| | | | | | | | | | This is mostly a cosmetic patch. The purpose of wrapping a multi-line macro in a do { } while(0) is to make the macro usable as a regular statement, not a compound statement. When the while(0) is terminated with a semicolon, the do { } while(0); block becomes a compound statement again.
* Fix uninitialized pointer read in sdap_gssapi_get_default_realm()Jakub Hrozek2011-09-201-1/+1
| | | | https://fedorahosted.org/sssd/ticket/1003
* DEBUG timestamps offer higher precisionPavel Březina2011-09-081-0/+2
| | | | | | | https://fedorahosted.org/sssd/ticket/956 Added: --debug-microseconds=0/1 Added: debug_microseconds to sssd.conf
* Keep deref controls until the whole request is finishedJakub Hrozek2011-09-061-8/+45
| | | | | | | | | | | | https://fedorahosted.org/sssd/ticket/989 John Hodrien found out that when paging is used while dereferencing an entry, sssd_be may segfault on the second page. This was because paging returned the control to sdap_generic_search multiple times but sssd was freeing dereference control after the first search invocation. The subsequend sdap searched accessed memory that was already freed.
* Improve error message for LDAP password constraint violationJakub Hrozek2011-09-063-16/+29
| | | | https://fedorahosted.org/sssd/ticket/985
* Allow turning dereference off by setting the threshold to 0Jakub Hrozek2011-09-063-3/+9
|
* sss_ldap_err2string() - ldap_err2string() to sss_ldap_err2string()Pavel Březina2011-09-063-35/+35
| | | | https://fedorahosted.org/sssd/ticket/986
* sss_ldap_err2string() - function createdPavel Březina2011-09-061-2/+0
| | | | https://fedorahosted.org/sssd/ticket/986
* Fix moving to next entry in deref codeJakub Hrozek2011-08-291-1/+6
| | | | https://fedorahosted.org/sssd/ticket/973
* Use the default Kerberos realm for LDAP with GSSAPI authJakub Hrozek2011-08-261-3/+55
| | | | https://fedorahosted.org/sssd/ticket/970
* Add LDAP provider option to set LDAP_OPT_X_SASL_NOCANONJakub Hrozek2011-08-263-1/+14
| | | | https://fedorahosted.org/sssd/ticket/978
* New DEBUG facility - SSSDBG_UNRESOLVED changed from -1 to 0Pavel Březina2011-08-251-1/+4
| | | | | | | | | | | | | | | | | | | | | Removed: SSS_UNRESOLVED_DEBUG_LEVEL (completely replaced with SSSDBG_UNRESOLVED) Added new macro: CONVERT_AND_SET_DEBUG_LEVEL(new_value) Changes unresolved debug level value (SSSDBG_UNRESOLVED) from -1 to 0 so DEBUG macro could be reduced by one condition. Anyway, it has a minor effect, every time you want to load debug_level from command line parameters, you have to use following pattern: /* Set debug level to invalid value so we can deside if -d 0 was used. */ debug_level = SSSDBG_INVALID; pc = poptGetContext(argv[0], argc, argv, long_options, 0); while((opt = poptGetNextOpt(pc)) != -1) { ... } CONVERT_AND_SET_DEBUG_LEVEL(debug_level);
* New DEBUG facility - conversionPavel Březina2011-08-253-2/+4
| | | | | | | | | | https://fedorahosted.org/sssd/ticket/925 Conversion of the old debug_level format to the new one. (only where it was necessary) Removed: SSS_DEFAULT_DEBUG_LEVEL (completely replaced with SSSDBG_DEFAULT)
* Improve password policy error code and messageSumit Bose2011-08-251-4/+9
| | | | | | Instead of returning PAM_SYSTEM_ERR if they necessary attributes for the requested password policy cannot be found we return PAM_PERM_DENIED. Additionally the log message says that the access is denied.
* Handle timeout during sss_ldap_init_sendJakub Hrozek2011-08-151-1/+5
| | | | | | | | | In some cases, where there would be no response from the LDAP server, there would be no R/W events on the LDAP fd, so sdap_async_sys_connect_done would never be called. This patch adds a tevent timer that cancels the connection after SDAP_NETWORK_TIMEOUT seconds.
* Moved some functions in sdap_async_initgroupsJan Zeleny2011-08-151-345/+349
|
* Moved some functions in sdap_async_groupsJan Zeleny2011-08-151-122/+112
|
* Confusing part of code cleared outJan Zeleny2011-08-151-34/+32
|
* sdap_async_accounts.c splitJan Zeleny2011-08-154-2514/+2588
| | | | | | | | | The file has been split in three: sdap_async_users.c sdap_async_groups.c sdap_async_initgroups.c https://fedorahosted.org/sssd/ticket/864
generated by cgit (git 2.34.1) at 2024-06-20 20:33:41 +0000