summaryrefslogtreecommitdiffstats
path: root/src/util
Commit message (Collapse)AuthorAgeFilesLines
* Fix python HBAC bindings for python <= 2.4Jakub Hrozek2011-07-132-0/+167
| | | | | | | | | | | | | | | Several parts of the HBAC python bindings did not work with old Python versions, such as the one shipped in RHEL5. The changes include: * a compatibility wrapper around python set object * PyModule_AddIntMacro compat macro * Py_ssize_t compat definition * Do not use PyUnicode_FromFormat * several function prototypes and structures used to have "char arguments where they have "const char *" in recent versions. This caused compilation warnings this patch mitigates by using the discard_const hack on python 2.4
* Move IP adress escaping from the LDAP namespaceJakub Hrozek2011-07-114-11/+11
|
* Call ldap_install_tls() on ldaps connectionsSumit Bose2011-07-051-0/+15
|
* Do not access state after tevent_req_done() is called.Sumit Bose2011-07-011-10/+16
|
* Do not attempt to close() a file descriptor < 0Stephen Gallagher2011-07-011-1/+3
| | | | Coverity 10886
* Use ldap_init_fd() instead of ldap_initialize() if availableSumit Bose2011-06-302-0/+346
|
* Make parse_args skip extra spacesJakub Hrozek2011-06-151-16/+24
| | | | https://fedorahosted.org/sssd/ticket/871
* Add a utility function to escape IPv6 address for use in URIsJakub Hrozek2011-06-022-0/+11
|
* Import config.h earlierStephen Gallagher2011-05-231-2/+1
| | | | | | On RHEL 5 and other older platforms, failing to set _GNU_SOURCE early would cause some functions - such as strndup() - to be unavailable.
* Set _GNU_SOURCE globallySumit Bose2011-05-235-6/+6
|
* Add support for Attribute Scoped QueriesJakub Hrozek2011-05-201-0/+4
| | | | | | For more details on ASQ, see: http://msdn.microsoft.com/en-us/library/aa366976%28VS.85%29.aspx http://msdn.microsoft.com/en-us/library/aa746418%28v=VS.85%29.aspx
* Fixed unitialized pointer in select_principal_from_keytabJan Zeleny2011-05-161-1/+1
| | | | https://fedorahosted.org/sssd/ticket/857
* Fixed unitialized return value in match_principalJan Zeleny2011-05-161-2/+1
| | | | https://fedorahosted.org/sssd/ticket/858
* Allow changing the log level without restartStephen Gallagher2011-05-062-3/+24
| | | | | | We will now re-read the confdb debug_level value when processing the monitor_common_logrotate() function, which occurs when the monitor receives a SIGHUP.
* Added some kerberos functions for building on RHEL5Jan Zeleny2011-05-052-5/+188
|
* Override config file debug_level with command-lineStephen Gallagher2011-05-043-9/+16
| | | | | | | | | | | This patch also makes the following changes: 1) The [sssd] debug_level setting no longer acts as a default for all other sections. 2) We will now skip passing the debug argument to the child processes from the master unless the SSSD was run with a command-line argument for the debug level. https://fedorahosted.org/sssd/ticket/764
* Modify principal selection for keytab authenticationJan Zeleny2011-04-252-2/+180
| | | | | | | | | | | | | | | | Currently we construct the principal as host/fqdn@REALM. The problem with this is that this principal doesn't have to be in the keytab. In that case the provider fails to start. It is better to scan the keytab and find the most suitable principal to use. Only in case no suitable principal is found the backend should fail to start. The second issue solved by this patch is that the realm we are authenticating the machine to can be in general different from the realm our users are part of (in case of cross Kerberos trust). The patch adds new configuration option SDAP_SASL_REALM. https://fedorahosted.org/sssd/ticket/781
* Extend and move function for finding principal in keytabJan Zeleny2011-04-252-0/+161
| | | | | | | | The function now supports finding principal in keytab not only based on realm, but based on both realm and primary/instance parts. The function also supports * wildcard at the beginning or at the end of primary principal part. The function for finding principal has been moved to util/sss_krb5.c, so it can be used in other parts of the code.
* Don't pass NULL to printf for TLS errorsJakub Hrozek2011-04-082-0/+33
| | | | https://fedorahosted.org/sssd/ticket/643
* Fix uninitialized value errorSumit Bose2011-01-211-1/+1
|
* NSS obfuscation code cleanupJakub Hrozek2011-01-201-38/+97
| | | | https://fedorahosted.org/sssd/ticket/752
* Add overflow check to SAFEALIGN_COPY_*_CHECK macrosSumit Bose2011-01-111-3/+6
|
* Validate user supplied size of data itemsSumit Bose2011-01-111-0/+5
| | | | | | Specially crafted packages might lead to an integer overflow and the parsing of the input buffer might not continue as expected. This issue was identified by Sebastian Krahmer <krahmer@suse.de>.
* Introduce sss_hash_create_ex()Sumit Bose2010-12-202-6/+29
|
* Fix unchecked return value in sss_krb5_verify_keytab_exStephen Gallagher2010-12-171-1/+8
| | | | https://fedorahosted.org/sssd/ticket/711
* Fix invalid sizeof in pidfileStephen Gallagher2010-12-161-1/+1
| | | | https://fedorahosted.org/sssd/ticket/730
* Add missing break statement to sss_hash_createStephen Gallagher2010-12-141-0/+1
| | | | https://fedorahosted.org/sssd/ticket/720
* Fix build issue with older Kerberos librarySumit Bose2010-12-081-0/+7
|
* Add support for FAST in krb5 providerSumit Bose2010-12-072-0/+62
|
* krb5_child returns TGT lifetimeSumit Bose2010-12-031-0/+6
|
* Add a special filter type to handle enumerationsSumit Bose2010-12-021-0/+2
|
* Make default SIGTERM and SIGINT handlers use teventStephen Gallagher2010-12-021-1/+33
|
* Add missing error codeSumit Bose2010-11-181-0/+1
|
* Add utility function to sanitize LDAP/LDB filtersStephen Gallagher2010-11-152-0/+63
| | | | Also adds a unit test.
* Handle errors during log reopening betterStephen Gallagher2010-11-051-2/+28
|
* Always use uint32_t for UID/GID numbersJakub Hrozek2010-10-262-4/+4
|
* Write log opening failures to the syslogStephen Gallagher2010-10-191-0/+3
| | | | | If there is a problem with reopening the logs, it can be an audit trail issue.
* Use unsigned long for conversion to id_tJakub Hrozek2010-10-181-4/+4
| | | | | | | | We used strtol() on a number of places to convert into uid_t or gid_t from a string representation such as LDAP attribute, but on some platforms, unsigned long might be necessary to store big id_t values. This patch converts to using strtoul() instead.
* Add a missing include fileSumit Bose2010-10-131-0/+1
| | | | | strcasecmp() is defined in strings.h which might not be included under certain conditions.
* Add common hash table setupStephen Gallagher2010-10-082-0/+58
| | | | | sss_hash_create() produces a dhash table living in the talloc hierarchy.
* Use new MIT krb5 API for better password expiration warningsSumit Bose2010-09-232-2/+26
|
* Fix parameter order when initializing decryptionJakub Hrozek2010-09-151-1/+1
|
* Dead assignments cleanup in various places in SSSDJan Zeleny2010-09-081-1/+1
| | | | | | Three assignments deleted, two return code inspection added. Also found and fixed one critical bug caused by dead assignment. Ticket: #590
* Password obfuscation utility functionsJakub Hrozek2010-09-083-0/+510
| | | | | | | Adds two utility functions to obfuscate a password and inverse to extract the cleartext password back. So far, only NSS-based implementation is provided.
* Add safe copy/move macros for uint16_tJakub Hrozek2010-09-081-1/+11
|
* Move crypto functions into its own subdirJakub Hrozek2010-09-085-42/+109
| | | | | | A refactoring patch that creates a common util/crypto subdir with per-implementation subdirectories for each underlying crypto library supported by SSSD.
* Add dup_string_list() utility functionStephen Gallagher2010-08-032-0/+37
|
* Add diff_string_lists utility functionStephen Gallagher2010-08-032-0/+209
| | | | Includes a unit test
* Validate keytab at startupJakub Hrozek2010-08-032-0/+162
| | | | | | | | In addition to validating the keytab everytime a TGT is requested, we also validate the keytab on back end startup to give early warning that the keytab is not usable. Fixes: #556
* Add log notifications for startup and shutdown.Stephen Gallagher2010-07-091-1/+4
|
generated by cgit (git 2.34.1) at 2024-05-27 22:54:39 +0000