summaryrefslogtreecommitdiffstats
path: root/src/responder/pam/pamsrv_cmd.c
Commit message (Collapse)AuthorAgeFilesLines
* Revert "Allow LDAP to decide when an expiration warning is warranted"Stephen Gallagher2011-08-041-4/+3
| | | | This reverts commit b3d6f8383b94ffe49e02bb156e1ab442b46b042c.
* Allow LDAP to decide when an expiration warning is warrantedStephen Gallagher2011-08-011-3/+4
| | | | | | | | | Previously, we were only displaying expiration warnings if the password was going to expire within a day. We'll allow LDAP to make this decision (by whether it passes us the expiration time). In the future, we can add an option to clamp this down to a shorter period if the local admin prefers it.
* Fix unchecked return values of pam_add_responsesssd-1_5_11Jakub Hrozek2011-07-051-4/+12
| | | | https://fedorahosted.org/sssd/ticket/798
* Perform initgroups lookups for all domainsStephen Gallagher2011-02-211-3/+5
| | | | | | | | | | Previously, we were setting the client context PAM lookup timeout after the first domain replied. However, if the user wasn't a member of the first domain, their information wasn't being updated. This patch ensures that we only set this timeout after the user has been found or all domains were searched.
* Perform initgroups lookup for PAMStephen Gallagher2011-01-211-1/+3
| | | | | Previously we were only looking up the user, but we need to make sure that all groups are available for use by access providers.
* Use DEFAULT_PAM_VERBOSITY if config value cannot be retrievedSumit Bose2011-01-191-1/+1
|
* Add pam_pwd_expiration_warning config optionSumit Bose2011-01-191-12/+47
|
* Validate user supplied size of data itemsSumit Bose2011-01-111-76/+75
| | | | | | Specially crafted packages might lead to an integer overflow and the parsing of the input buffer might not continue as expected. This issue was identified by Sebastian Krahmer <krahmer@suse.de>.
* Update the ID cache for any PAM requestStephen Gallagher2010-12-221-8/+11
| | | | | | | | Also adds an option to limit how often we check the ID provider, so that conversations with multiple PAM requests won't update the cache multiple times. https://fedorahosted.org/sssd/ticket/749
* Ensure ID is checked in all domains for PAMStephen Gallagher2010-12-221-0/+2
| | | | | | | Previously, this was initialized to zero, so the first domain in the list wouldn't be checked for ID updates in pam_check_user_search. This initializes the first domain to check the provider.
* Eliminate possible NULL-dereference in pam_check_user_searchStephen Gallagher2010-12-141-0/+7
| | | | https://fedorahosted.org/sssd/ticket/719
* Add support for server-side pam response messagesSumit Bose2010-12-031-0/+2
|
* Introduce pam_verbosity config optionSumit Bose2010-11-151-11/+90
| | | | | | | | | | | Currently we display all PAM messages generated by sssd to the user. But only some of them are important and others are just some useful information. This patch introduces a new option to the PAM responder which controls what kind of messages are displayed. As an example the 'Authenticated with cached credentials' message is used. This message is only displayed if pam_verbosity=1 or if there is an expire date.
* Avoid long long in messages to PAM client use int64_tSumit Bose2010-11-151-7/+7
|
* Honor filter_users in PAMStephen Gallagher2010-06-171-7/+17
|
* Add support for delayed kinit if offlineSumit Bose2010-05-261-1/+1
| | | | | | | If the configuration option krb5_store_password_if_offline is set to true and the backend is offline the plain text user password is stored and used to request a TGT if the backend becomes online. If available the Linux kernel key retention service is used.
* sysdb: convert sysdb_getpwnamSimo Sorce2010-04-121-219/+118
|
* Remove remaining use of sysdb_transaction_sendSimo Sorce2010-04-121-133/+9
|
* sysdb: convert sysdb_cache_authSimo Sorce2010-04-121-47/+39
|
* sysdb: convert sysdb_set_entry/user/group_attrSimo Sorce2010-04-121-21/+3
|
* Store lastLogin attribute when authenticating onlineJakub Hrozek2010-02-231-0/+5
|
* Remove unneeded items from struct pam_dataSumit Bose2010-02-191-18/+0
|
* Rename server/ directory to src/Stephen Gallagher2010-02-181-0/+1181
Also update BUILD.txt
generated by cgit (git 2.34.1) at 2024-05-04 19:12:58 +0000