| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
| |
ares_query does not take search or domain directives from
/etc/resolv.conf into account
https://fedorahosted.org/sssd/ticket/922
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add sockaddr_storage to sdap_service
Add sdap_call_conn_cb() to call add connection callback directly
Use name based URI instead of IP address based URIs
Use ldap_init_fd() instead of ldap_initialize() if available
Do not access state after tevent_req_done() is called.
Call ldap_install_tls() on ldaps connections
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add new resolv_hostent data structure and utility functions
Resolve hosts by name from files into resolv_hostent
Resolve hosts by name from DNS into resolv_hostent
Switch resolver to using resolv_hostent and honor TTL
Conflicts:
src/providers/fail_over.c
Provide TTL structure names for c-ares < 1.7
https://fedorahosted.org/sssd/ticket/898
In c-ares 1.7, the upstream renamed the addrttl/addr6ttl structures to
ares_addrttl/ares_addr6ttl so they are in the ares_ namespace.
Because they are committed to stable ABI, the contents are the same, just
the name changed -- so it is safe to just #define the new name for older
c-ares version in case the new one is not detected in configure time.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add utility function to return IP address as string
Add a utility function to escape IPv6 address for use in URIs
Use escaped IP addresses in LDAP provider
Escape IPv6 IP addresses in the IPA provider
https://fedorahosted.org/sssd/ticket/880
Fix bad merge
We merged in a patch, but missed that it missed a dependency added
by another earlier patch.
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/867
|
|
|
|
|
|
|
|
|
|
|
| |
We were unscheduling the timeout handler after the first lookup
(A or AAAA) returned, but not rescheduling it if we went on to
check the secondary record type. This resulted in the resolver
never returning a result for the secondary lookup, which can mean
that logins/screen unlocks after VPN drop or suspend/resume might
never complete.
Fixes https://fedorahosted.org/sssd/ticket/729
|
|
|
|
|
|
|
| |
options.tries specifies the number of retries. Setting this to
zero means to try exactly once. Previously we were always trying
twice (internally). We want to simply honor the SSSD configuration
and fail over to the next server (or go offline) after one try.
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/686
|
|
|
|
|
|
| |
We had a hard-coded timeout of five seconds for DNS lookups in the
async resolver. This patch adds an option 'dns_resolver_timeout'
to specify this value (Default: 5)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adds a new failover API call fo_add_srv_server that allows the caller
to specify a server that is later resolved into a list of specific
servers using SRV requests.
Also adds a new failover option that specifies how often should the
servers resolved from SRV query considered valid until we need a
refresh.
The "real" servers to connect to are returned to the user as usual,
using the fo_resolve_service_{send,recv} calls.
Make SRV resolution work with c-ares 1.6
|
|
|
|
|
|
|
|
|
|
| |
RFC 2782 defines a way to sort replies to a SRV query. In short, the
algorithm sorts all replies by priority and then does a weight-based
selection for every priority level.
For details, please see the sections "Usage rules" for overview of the
algorithm and section "The 'Weight' field" for description on the weight
selection.
|
| |
|
|
|
|
| |
This patch removes some tab-indentations from pamsrv.c, too.
|
|
|
|
|
|
|
| |
Adds a new option that tells resolver which address family to prefer or
use exclusively.
Fixes: #404
|
|
Also update BUILD.txt
|