summaryrefslogtreecommitdiffstats
path: root/src/providers
Commit message (Collapse)AuthorAgeFilesLines
* Add a missing breakJakub Hrozek2011-10-171-0/+1
|
* HBAC: Use originalMember for identifying hostgroupsStephen Gallagher2011-10-143-45/+165
|
* HBAC: Use originalMember for identifying servicegroupsStephen Gallagher2011-10-143-41/+169
|
* HBAC: Do not save member/memberOf linksStephen Gallagher2011-10-141-120/+0
| | | | We can just trust the values from the FreeIPA server
* SysDB commands that save lastUpdate allows this value to be passed inPavel Březina2011-10-137-32/+62
| | | | https://fedorahosted.org/sssd/ticket/836
* Append PID to sbus server socket name, let clients use a symlinkJakub Hrozek2011-10-132-2/+2
| | | | https://fedorahosted.org/sssd/ticket/1034
* Fix small bug where TALLOC_CTX could end up unfreed.Pavel Zuna2011-10-061-3/+3
|
* Use explicit base 10 for converting strings to integersJakub Hrozek2011-10-032-4/+4
| | | | https://fedorahosted.org/sssd/ticket/1013
* Store name aliases for users, groupsJakub Hrozek2011-09-285-37/+216
| | | | | | Also checks fake users for aliases when storing a real users so that getgrnam for a RFC2307 group that references a user by his secondary name followed by getpwnam for this user by his primary name works
* Add a sysdb_get_direct_parents functionJakub Hrozek2011-09-281-57/+5
|
* HBAC: fix typos preventing proper hostgroup evaluationStephen Gallagher2011-09-281-3/+3
|
* Fixed bad logic in processing netgroups in LDAP providerJan Zeleny2011-09-281-1/+3
|
* IPA access: hostname comparison should be case-insensitiveJakub Hrozek2011-09-281-1/+1
|
* Multiline macro cleanupJakub Hrozek2011-09-288-10/+11
| | | | | | | | | | This is mostly a cosmetic patch. The purpose of wrapping a multi-line macro in a do { } while(0) is to make the macro usable as a regular statement, not a compound statement. When the while(0) is terminated with a semicolon, the do { } while(0); block becomes a compound statement again.
* Fix uninitialized pointer read in sdap_gssapi_get_default_realm()Jakub Hrozek2011-09-201-1/+1
| | | | https://fedorahosted.org/sssd/ticket/1003
* DEBUG timestamps offer higher precisionPavel Březina2011-09-084-6/+24
| | | | | | | https://fedorahosted.org/sssd/ticket/956 Added: --debug-microseconds=0/1 Added: debug_microseconds to sssd.conf
* Improve documentation of libipa_hbacStephen Gallagher2011-09-082-21/+1697
|
* Do not access memory out of boundsSumit Bose2011-09-071-2/+2
|
* Keep deref controls until the whole request is finishedJakub Hrozek2011-09-061-8/+45
| | | | | | | | | | | | https://fedorahosted.org/sssd/ticket/989 John Hodrien found out that when paging is used while dereferencing an entry, sssd_be may segfault on the second page. This was because paging returned the control to sdap_generic_search multiple times but sssd was freeing dereference control after the first search invocation. The subsequend sdap searched accessed memory that was already freed.
* Improve error message for LDAP password constraint violationJakub Hrozek2011-09-063-16/+29
| | | | https://fedorahosted.org/sssd/ticket/985
* Allow turning dereference off by setting the threshold to 0Jakub Hrozek2011-09-063-3/+9
|
* sss_ldap_err2string() - ldap_err2string() to sss_ldap_err2string()Pavel Březina2011-09-063-35/+35
| | | | https://fedorahosted.org/sssd/ticket/986
* sss_ldap_err2string() - function createdPavel Březina2011-09-061-2/+0
| | | | https://fedorahosted.org/sssd/ticket/986
* HBAC: Properly skip all non-group memberOf entriesStephen Gallagher2011-08-291-1/+2
|
* Fix moving to next entry in deref codeJakub Hrozek2011-08-291-1/+6
| | | | https://fedorahosted.org/sssd/ticket/973
* HBAC: Use of hostgroups for targethost or sourcehost was brokenStephen Gallagher2011-08-261-4/+4
| | | | | We were trying to look up the wrong attribute for the name of the hostgroup.
* HBAC: Handle saving groups that have no membersStephen Gallagher2011-08-261-7/+21
|
* Use the default Kerberos realm for LDAP with GSSAPI authJakub Hrozek2011-08-261-3/+55
| | | | https://fedorahosted.org/sssd/ticket/970
* Add LDAP provider option to set LDAP_OPT_X_SASL_NOCANONJakub Hrozek2011-08-265-3/+17
| | | | https://fedorahosted.org/sssd/ticket/978
* --debug-timestamps=1 is not passed to providersPavel Březina2011-08-252-11/+8
| | | | | | https://fedorahosted.org/sssd/ticket/972 --debug-timestamps=1 is now passed to providers
* New DEBUG facility - SSSDBG_UNRESOLVED changed from -1 to 0Pavel Březina2011-08-254-4/+15
| | | | | | | | | | | | | | | | | | | | | Removed: SSS_UNRESOLVED_DEBUG_LEVEL (completely replaced with SSSDBG_UNRESOLVED) Added new macro: CONVERT_AND_SET_DEBUG_LEVEL(new_value) Changes unresolved debug level value (SSSDBG_UNRESOLVED) from -1 to 0 so DEBUG macro could be reduced by one condition. Anyway, it has a minor effect, every time you want to load debug_level from command line parameters, you have to use following pattern: /* Set debug level to invalid value so we can deside if -d 0 was used. */ debug_level = SSSDBG_INVALID; pc = poptGetContext(argv[0], argc, argv, long_options, 0); while((opt = poptGetNextOpt(pc)) != -1) { ... } CONVERT_AND_SET_DEBUG_LEVEL(debug_level);
* New DEBUG facility - conversionPavel Březina2011-08-2511-9/+16
| | | | | | | | | | https://fedorahosted.org/sssd/ticket/925 Conversion of the old debug_level format to the new one. (only where it was necessary) Removed: SSS_DEFAULT_DEBUG_LEVEL (completely replaced with SSSDBG_DEFAULT)
* Improve password policy error code and messageSumit Bose2011-08-251-4/+9
| | | | | | Instead of returning PAM_SYSTEM_ERR if they necessary attributes for the requested password policy cannot be found we return PAM_PERM_DENIED. Additionally the log message says that the access is denied.
* IPA dyndns: do not segfault if the server cannot be resolvedJakub Hrozek2011-08-251-4/+2
| | | | https://fedorahosted.org/sssd/ticket/963
* Handle timeout during sss_ldap_init_sendJakub Hrozek2011-08-151-1/+5
| | | | | | | | | In some cases, where there would be no response from the LDAP server, there would be no R/W events on the LDAP fd, so sdap_async_sys_connect_done would never be called. This patch adds a tevent timer that cancels the connection after SDAP_NETWORK_TIMEOUT seconds.
* Moved some functions in sdap_async_initgroupsJan Zeleny2011-08-151-345/+349
|
* Moved some functions in sdap_async_groupsJan Zeleny2011-08-151-122/+112
|
* Confusing part of code cleared outJan Zeleny2011-08-151-34/+32
|
* sdap_async_accounts.c splitJan Zeleny2011-08-154-2514/+2588
| | | | | | | | | The file has been split in three: sdap_async_users.c sdap_async_groups.c sdap_async_initgroups.c https://fedorahosted.org/sssd/ticket/864
* sysdb refactoring: memory context deletedJan Zeleny2011-08-1510-43/+31
| | | | | | This patch deletes memory context parameter in those places in sysdb where it is not necessary. The code using modified functions has been updated. Tests updated as well.
* sysdb refactoring: deleted domain variables in sysdb APIJan Zeleny2011-08-1522-101/+69
| | | | | The patch also updates code using modified functions. Tests have also been adjusted.
* Use sysdb attribute name for GID, not LDAP attributeStephen Gallagher2011-08-111-3/+3
|
* Fix returning groups when gidNumber attribute is not orderedJakub Hrozek2011-08-043-4/+10
| | | | https://fedorahosted.org/sssd/ticket/951
* Request password control unconditionally during bindJakub Hrozek2011-08-011-6/+6
| | | | https://fedorahosted.org/sssd/ticket/940
* Change the default value of ldap_tls_cacert in IPA providerJakub Hrozek2011-08-011-1/+1
| | | | https://fedorahosted.org/sssd/ticket/944
* Add rule validator to libipa_hbacStephen Gallagher2011-08-012-0/+74
| | | | https://fedorahosted.org/sssd/ticket/943
* Remove incorrect private variableStephen Gallagher2011-08-011-1/+1
| | | | | | This caused no ill effects, since it wasn't used in the callback. However, it is a layering violation (especially since req is freed in the callback)
* Wrong paramater to sysdb_attrs_add_uint32Jakub Hrozek2011-08-011-1/+1
|
* Fix incorrect NULL check in ipa_hbac_common.cStephen Gallagher2011-07-291-1/+1
| | | | https://fedorahosted.org/sssd/ticket/936
* Fix memory leak in ipa_hbac_evaluate_rulesStephen Gallagher2011-07-291-0/+1
| | | | https://fedorahosted.org/sssd/ticket/933
generated by cgit (git 2.34.1) at 2024-06-08 07:52:09 +0000