summaryrefslogtreecommitdiffstats
path: root/src/util
Commit message (Collapse)AuthorAgeFilesLines
* Add option to follow symlinks to check_file()Jakub Hrozek2011-10-132-3/+4
|
* Multiline macro cleanupJakub Hrozek2011-09-283-5/+5
| | | | | | | | | | This is mostly a cosmetic patch. The purpose of wrapping a multi-line macro in a do { } while(0) is to make the macro usable as a regular statement, not a compound statement. When the while(0) is terminated with a semicolon, the do { } while(0); block becomes a compound statement again.
* DEBUG timestamps offer higher precisionPavel Březina2011-09-083-13/+65
| | | | | | | https://fedorahosted.org/sssd/ticket/956 Added: --debug-microseconds=0/1 Added: debug_microseconds to sssd.conf
* sss_ldap_err2string() - ldap_err2string() to sss_ldap_err2string()Pavel Březina2011-09-061-3/+3
| | | | https://fedorahosted.org/sssd/ticket/986
* sss_ldap_err2string() - function createdPavel Březina2011-09-062-0/+16
| | | | https://fedorahosted.org/sssd/ticket/986
* New DEBUG facility - SSSDBG_UNRESOLVED changed from -1 to 0Pavel Březina2011-08-253-13/+11
| | | | | | | | | | | | | | | | | | | | | Removed: SSS_UNRESOLVED_DEBUG_LEVEL (completely replaced with SSSDBG_UNRESOLVED) Added new macro: CONVERT_AND_SET_DEBUG_LEVEL(new_value) Changes unresolved debug level value (SSSDBG_UNRESOLVED) from -1 to 0 so DEBUG macro could be reduced by one condition. Anyway, it has a minor effect, every time you want to load debug_level from command line parameters, you have to use following pattern: /* Set debug level to invalid value so we can deside if -d 0 was used. */ debug_level = SSSDBG_INVALID; pc = poptGetContext(argv[0], argc, argv, long_options, 0); while((opt = poptGetNextOpt(pc)) != -1) { ... } CONVERT_AND_SET_DEBUG_LEVEL(debug_level);
* New DEBUG facility - conversionPavel Březina2011-08-253-21/+11
| | | | | | | | | | https://fedorahosted.org/sssd/ticket/925 Conversion of the old debug_level format to the new one. (only where it was necessary) Removed: SSS_DEFAULT_DEBUG_LEVEL (completely replaced with SSSDBG_DEFAULT)
* New DEBUG facility - modified DEBUGPavel Březina2011-08-251-6/+41
| | | | | | | | | | | | | | | https://fedorahosted.org/sssd/ticket/925 Modified: DEBUG() macro to work with new levels There are several new macros in util/util.h: - DEBUG_MSG(level, function, message) which will format the debug message like "(time) [prg_name] [function] (level): message\n" - DEBUG_IS_SET(level) that you should use to check if the level is allowed to be logged You can use it like: if (DEBUG_IS_SET(SSSDBG_TRACE_LIBS)) {...}
* New DEBUG facility - new levelsPavel Březina2011-08-252-2/+89
| | | | | | | | | | | | | | | | https://fedorahosted.org/sssd/ticket/925 Added functions: - debug_convert_old_level() to convert levels 0-9 to appropriate bitmask debug_convert_old_level(5) returns 0x03F0 (= 0 | 1 | 2 | 3 | 4 | 5) - debug_get_level() to convert old level number to its new value debug_get_level(5) returns 0x0200 (= 5) There are several new macros in util/util.h: - SSSDBG_* to reflect a debug level (same names as in the ticket) - please, don't use magic numbers anymore
* Handle timeout during sss_ldap_init_sendJakub Hrozek2011-08-152-2/+36
| | | | | | | | | In some cases, where there would be no response from the LDAP server, there would be no R/W events on the LDAP fd, so sdap_async_sys_connect_done would never be called. This patch adds a tevent timer that cancels the connection after SDAP_NETWORK_TIMEOUT seconds.
* Handle errno properly in set_debug_file_from_fd()Jakub Hrozek2011-08-151-2/+5
|
* Allow the O_NONBLOCK flag to be reset correctlyRalf Haferkamp2011-08-111-14/+0
| | | | | | | | | | sssd set the O_NONBLOCK flag on the LDAP socket twice. First in set_fd_flags_and_opts(). And the second time in sdap_async_sys_connect_send() after storing a backup in the local state structure. The backup is later used to restore the original flags (after connect() succeeded). As NONBLOCK was already set before it didn't correctly reset that flag. https://fedorahosted.org/sssd/ticket/952
* debug_timestamps fixesPavel Březina2011-08-083-11/+16
| | | | | | Fixed: could not overwrite debug_timestamps when set in sssd.conf Fixed: invalid description of debug_timestamps in sssd man page
* Fix python HBAC bindings for python <= 2.4Jakub Hrozek2011-07-132-0/+167
| | | | | | | | | | | | | | | Several parts of the HBAC python bindings did not work with old Python versions, such as the one shipped in RHEL5. The changes include: * a compatibility wrapper around python set object * PyModule_AddIntMacro compat macro * Py_ssize_t compat definition * Do not use PyUnicode_FromFormat * several function prototypes and structures used to have "char arguments where they have "const char *" in recent versions. This caused compilation warnings this patch mitigates by using the discard_const hack on python 2.4
* Move IP adress escaping from the LDAP namespaceJakub Hrozek2011-07-114-11/+11
|
* Call ldap_install_tls() on ldaps connectionsSumit Bose2011-07-051-0/+15
|
* Do not access state after tevent_req_done() is called.Sumit Bose2011-07-011-10/+16
|
* Do not attempt to close() a file descriptor < 0Stephen Gallagher2011-07-011-1/+3
| | | | Coverity 10886
* Use ldap_init_fd() instead of ldap_initialize() if availableSumit Bose2011-06-302-0/+346
|
* Make parse_args skip extra spacesJakub Hrozek2011-06-151-16/+24
| | | | https://fedorahosted.org/sssd/ticket/871
* Add a utility function to escape IPv6 address for use in URIsJakub Hrozek2011-06-022-0/+11
|
* Import config.h earlierStephen Gallagher2011-05-231-2/+1
| | | | | | On RHEL 5 and other older platforms, failing to set _GNU_SOURCE early would cause some functions - such as strndup() - to be unavailable.
* Set _GNU_SOURCE globallySumit Bose2011-05-235-6/+6
|
* Add support for Attribute Scoped QueriesJakub Hrozek2011-05-201-0/+4
| | | | | | For more details on ASQ, see: http://msdn.microsoft.com/en-us/library/aa366976%28VS.85%29.aspx http://msdn.microsoft.com/en-us/library/aa746418%28v=VS.85%29.aspx
* Fixed unitialized pointer in select_principal_from_keytabJan Zeleny2011-05-161-1/+1
| | | | https://fedorahosted.org/sssd/ticket/857
* Fixed unitialized return value in match_principalJan Zeleny2011-05-161-2/+1
| | | | https://fedorahosted.org/sssd/ticket/858
* Allow changing the log level without restartStephen Gallagher2011-05-062-3/+24
| | | | | | We will now re-read the confdb debug_level value when processing the monitor_common_logrotate() function, which occurs when the monitor receives a SIGHUP.
* Added some kerberos functions for building on RHEL5Jan Zeleny2011-05-052-5/+188
|
* Override config file debug_level with command-lineStephen Gallagher2011-05-043-9/+16
| | | | | | | | | | | This patch also makes the following changes: 1) The [sssd] debug_level setting no longer acts as a default for all other sections. 2) We will now skip passing the debug argument to the child processes from the master unless the SSSD was run with a command-line argument for the debug level. https://fedorahosted.org/sssd/ticket/764
* Modify principal selection for keytab authenticationJan Zeleny2011-04-252-2/+180
| | | | | | | | | | | | | | | | Currently we construct the principal as host/fqdn@REALM. The problem with this is that this principal doesn't have to be in the keytab. In that case the provider fails to start. It is better to scan the keytab and find the most suitable principal to use. Only in case no suitable principal is found the backend should fail to start. The second issue solved by this patch is that the realm we are authenticating the machine to can be in general different from the realm our users are part of (in case of cross Kerberos trust). The patch adds new configuration option SDAP_SASL_REALM. https://fedorahosted.org/sssd/ticket/781
* Extend and move function for finding principal in keytabJan Zeleny2011-04-252-0/+161
| | | | | | | | The function now supports finding principal in keytab not only based on realm, but based on both realm and primary/instance parts. The function also supports * wildcard at the beginning or at the end of primary principal part. The function for finding principal has been moved to util/sss_krb5.c, so it can be used in other parts of the code.
* Don't pass NULL to printf for TLS errorsJakub Hrozek2011-04-082-0/+33
| | | | https://fedorahosted.org/sssd/ticket/643
* Fix uninitialized value errorSumit Bose2011-01-211-1/+1
|
* NSS obfuscation code cleanupJakub Hrozek2011-01-201-38/+97
| | | | https://fedorahosted.org/sssd/ticket/752
* Add overflow check to SAFEALIGN_COPY_*_CHECK macrosSumit Bose2011-01-111-3/+6
|
* Validate user supplied size of data itemsSumit Bose2011-01-111-0/+5
| | | | | | Specially crafted packages might lead to an integer overflow and the parsing of the input buffer might not continue as expected. This issue was identified by Sebastian Krahmer <krahmer@suse.de>.
* Introduce sss_hash_create_ex()Sumit Bose2010-12-202-6/+29
|
* Fix unchecked return value in sss_krb5_verify_keytab_exStephen Gallagher2010-12-171-1/+8
| | | | https://fedorahosted.org/sssd/ticket/711
* Fix invalid sizeof in pidfileStephen Gallagher2010-12-161-1/+1
| | | | https://fedorahosted.org/sssd/ticket/730
* Add missing break statement to sss_hash_createStephen Gallagher2010-12-141-0/+1
| | | | https://fedorahosted.org/sssd/ticket/720
* Fix build issue with older Kerberos librarySumit Bose2010-12-081-0/+7
|
* Add support for FAST in krb5 providerSumit Bose2010-12-072-0/+62
|
* krb5_child returns TGT lifetimeSumit Bose2010-12-031-0/+6
|
* Add a special filter type to handle enumerationsSumit Bose2010-12-021-0/+2
|
* Make default SIGTERM and SIGINT handlers use teventStephen Gallagher2010-12-021-1/+33
|
* Add missing error codeSumit Bose2010-11-181-0/+1
|
* Add utility function to sanitize LDAP/LDB filtersStephen Gallagher2010-11-152-0/+63
| | | | Also adds a unit test.
* Handle errors during log reopening betterStephen Gallagher2010-11-051-2/+28
|
* Always use uint32_t for UID/GID numbersJakub Hrozek2010-10-262-4/+4
|
* Write log opening failures to the syslogStephen Gallagher2010-10-191-0/+3
| | | | | If there is a problem with reopening the logs, it can be an audit trail issue.
generated by cgit (git 2.34.1) at 2024-05-13 18:13:31 +0000