summaryrefslogtreecommitdiffstats
path: root/src/providers
Commit message (Collapse)AuthorAgeFilesLines
...
* KRB5: Go offline in case of clock skewJakub Hrozek2013-11-291-0/+1
| | | | | | | | https://fedorahosted.org/sssd/ticket/1096 In case the KDC has skewed time, we can retry with the next one and eventually go offline if no KDC has time in sync with the client. Previously, authentication with wrong time resulted in System Error.
* Remove unused parameter from ipa_save_netgroupLukas Slebodnik2013-11-271-2/+1
|
* Remove unused memory context in proxyLukas Slebodnik2013-11-271-9/+6
|
* Remove unused parameter from save_netgroupLukas Slebodnik2013-11-273-6/+3
|
* Remove unused parameter from save_userLukas Slebodnik2013-11-271-10/+8
|
* Remove unused parameter from delete_userLukas Slebodnik2013-11-271-9/+7
|
* Remove unused parameter from krb5_auth_store_credsLukas Slebodnik2013-11-271-3/+2
|
* Remove unused parameter from krb5_auth_cache_credsLukas Slebodnik2013-11-271-3/+0
|
* Remove unused parameter from sdap_save_netgroupLukas Slebodnik2013-11-271-4/+1
|
* Remove unused parameter from sdap_process_missing_member_2307Lukas Slebodnik2013-11-271-4/+2
|
* Remove unused parameter from sdap_add_group_member_2307Lukas Slebodnik2013-11-271-4/+3
|
* Remove unused parameter from sdap_store_group_with_gidLukas Slebodnik2013-11-271-7/+3
|
* Remove unused parameter from sdap_get_members_with_primary_gidLukas Slebodnik2013-11-271-4/+4
|
* Remove unused parameter from sdap_save_userLukas Slebodnik2013-11-274-9/+3
|
* Remove unused parameter from get_user_dnLukas Slebodnik2013-11-271-2/+1
|
* Remove unused parameter from sss_selinux_extract_userLukas Slebodnik2013-11-271-1/+1
|
* LDAP: Search for original DN during auth if it's missingJakub Hrozek2013-11-201-16/+194
| | | | | | | | | Resolves: https://fedorahosted.org/sssd/ticket/2077 If during the LDAP authentication we find out that the originalDN to bind as is missing (because the ID module is not LDAP based), we can try to look up the user from LDAP without saving him just in order to receive the originalDN.
* LDAP: Split out a request to search for a user w/o savingJakub Hrozek2013-11-202-33/+147
| | | | | | | | | | Related: https://fedorahosted.org/sssd/ticket/2077 Certain situations require that a user entry is downloaded for further inpection, but not saved to the sysdb right away. This patch splits the previously monolithic request into one that just downloads the data and one that uses the new one to download and save the user.
* LDAP: Initialize user count for AD matching ruleJakub Hrozek2013-11-181-1/+1
| | | | | | | https://fedorahosted.org/sssd/ticket/2157 If AD matching rule was selected, but the group was empty, the SSSD accessed random data. Initializing count to zero prevents that.
* krb5: Alignment warning reported by clangMichal Zidek2013-11-151-7/+7
| | | | | | | Do not store address from byte buffer into pointer of diffrent type! https://fedorahosted.org/sssd/ticket/1359
* SYSDB: Drop redundant sysdb_ctx parameter from sysdb.cMichal Zidek2013-11-1512-22/+14
|
* SYSDB: Drop the sysdb_ctx parameter - module sysdb_ops (part 2)Michal Zidek2013-11-1525-82/+68
|
* SYSDB: Drop the sysdb_ctx parameter from the sysdb_sudo.c moduleJakub Hrozek2013-11-154-25/+15
|
* SYSDB: Drop the sysdb_ctx parameter from the sysdb_idmap moduleJakub Hrozek2013-11-151-4/+2
|
* SYSDB: Drop the sysdb_ctx parameter - module sysdb_ops (part 1)Michal Zidek2013-11-159-25/+22
|
* SYSDB: Drop the sysdb_ctx parameter from the sysdb_ssh moduleMichal Zidek2013-11-151-4/+2
|
* SYSDB: Drop the sysdb_ctx parameter from the sysdb_services moduleMichal Zidek2013-11-156-33/+26
|
* SYSDB: Drop the sysdb_ctx parameter from the sysdb_search moduleMichal Zidek2013-11-159-23/+17
|
* SYSDB: Drop the sysdb_ctx parameter from SELinux functionsJakub Hrozek2013-11-151-7/+6
|
* SYSDB: Drop the sysdb_ctx parameter from the autofs APIJakub Hrozek2013-11-152-29/+16
|
* Merge ipa_selinux_common.c and ipa_selinux.cJakub Hrozek2013-11-153-110/+46
| | | | | Moved unused functions and merged ipa_selinux_common.c into ipa_selinux.c
* LDAP: Prevent from using uninitialized sdap_optionsLukas Slebodnik2013-11-141-1/+1
| | | | | | | | ldap_get_options can fail in time of ldap back end initialisation and then sssd try to release uninitialised sdap_options. Resolves: https://fedorahosted.org/sssd/ticket/2147
* Remove unused variableJakub Hrozek2013-11-121-1/+0
|
* Signals: Refactor termination of processesSimo Sorce2013-11-122-2/+2
| | | | | | | | sig_term() was never used as a real signal handler, but only called by tevent signal handlers in the kerberos and ldap children. Also the same code was duplicated with separate local guard variables in other functions. Unify orderly termination handling, between all these functions.
* Add ldap_autofs_map_master_name optionCove Schneider2013-11-127-7/+17
|
* Initialize sid_str to NULL to avoid freeing random dataJakub Hrozek2013-11-082-2/+2
| | | | | If any function before failed, sss_idmap_free_sid() might have been called with random data.
* confdb: Make offline timeout configurableMichal Zidek2013-11-071-2/+13
| | | | | | | Added and documented option offline_timeout. Resolves: https://fedorahosted.org/sssd/ticket/1718
* free idmapped SIDs correctlyPavel Březina2013-11-074-4/+7
| | | | | Resolves: https://fedorahosted.org/sssd/ticket/2133
* Include ext headers with #include <foo.h> - contPavel Reichl2013-11-041-1/+1
| | | | Changing style of including header files from outside of sssd tree - from "header.h" to <header.h>
* AD: Fix ad_access_filter parsing with empty filterJakub Hrozek2013-10-301-0/+8
|
* LDAP: Check all search bases during nested group processingJakub Hrozek2013-10-301-13/+42
|
* nested groups: pick correct domain for cache lookupsPavel Březina2013-10-301-4/+12
| | | | | | | | | Groups may contain members from different domains. We need to make sure that we always choose correct domain for subdomain users when looking up in sysdb. Resolves: https://fedorahosted.org/sssd/ticket/2064
* sdap_fill_memberships: pick correct domain for every memberPavel Březina2013-10-301-4/+19
| | | | | | | | | Groups may contain members from different domains. We need to make sure that we always choose correct domain for subdomain users when looking up in sysdb. Resolves: https://fedorahosted.org/sssd/ticket/2064
* ghosts: pick correct domain for every memberPavel Březina2013-10-301-10/+15
| | | | | | | | | Groups may contain members from different domains. We need to make sure that we store subdomain users with correct domain name. Resolves: https://fedorahosted.org/sssd/ticket/2064
* sdap: add sdap_domain_get_by_dn()Pavel Březina2013-10-302-0/+28
| | | | | | | | This function will find sdap domain by comparing object dn with domain base dn. Resolves: https://fedorahosted.org/sssd/ticket/2064
* sdap: store base dn in sdap_domainPavel Březina2013-10-302-15/+22
| | | | | | | | | Groups may contain members from different domains. Remembering base dn in domain object gives us the ability to simply lookup correct domain by comparing object dn with domain base dn. Resolves: https://fedorahosted.org/sssd/ticket/2064
* ad: shortcut if possible during get object by ID or SIDPavel Březina2013-10-301-0/+96
| | | | | | | | | | When getByID or getBySID comes from responder, the request doesn't necessarily have to contain correct domain, since responder iterates over all domains until it finds a match. Every domain has its own ID range, so we can simply shortcut if domain does not match and avoid LDAP round trip. Responder will continue with next domain until it finds the correct one.
* free sid obtained from sss_idmap_unix_to_sid()Pavel Březina2013-10-301-0/+2
|
* be_spy_create: free be_req and not the long living dataSumit Bose2013-10-301-1/+1
|
* LDAP: Return correct error codeLukas Slebodnik2013-10-301-1/+1
| | | | | | If talloc_array return NULL we should return right error code from function sdap_domain_subdom_add. It might happen that we could return either wrong error code or uninitialized variable ret.
generated by cgit (git 2.34.1) at 2025-10-01 13:39:23 +0000