summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* Add ldap_search_enumeration_timeout config optionSumit Bose2011-01-179-15/+38
|
* Add timeout parameter to sdap_get_generic_send()Sumit Bose2011-01-1710-55/+111
|
* Regenerate manpage po[t] filesStephen Gallagher2011-01-143-2955/+5262
| | | | Fixed several typos
* Fix manpage typosYuri Chornoivan2011-01-144-9/+9
|
* Add uk translation for manpagesYuri Chornoivan2011-01-142-1/+4386
|
* Fix missing hash table bugStephen Gallagher2011-01-141-0/+1
| | | | | | | When the automatic cleanup happened, if the netgroup had been created with no contents (to indicate an unknown netgroup), we weren't saving the hash table address and the talloc_free() was failing.
* Do not throw a DP error when a netgroup is not foundStephen Gallagher2011-01-142-6/+5
| | | | https://fedorahosted.org/sssd/ticket/775
* Add missing sysdb transaction to group enumerationsStephen Gallagher2011-01-141-12/+45
| | | | | | | | | | | | We were not enclosing group processing in a transaction, which was resulting in extremely high numbers of disk-writes. This patch adds a transaction around the sdap_process_group code to ensure that these actions take place within a transaction. This patch also adds a check around the missing member code for RFC2307bis so we don't go back to the LDAP server to look up entries that don't exist (since the enumeration first pass would already have guaranteed that we have all real users cached)
* Work around libldb bugStephen Gallagher2011-01-141-2/+10
| | | | | Libldb performs non-indexed searches for ONELEVEL requests. We'll use SUBTREE instead to reduce the performance hit substantially
* Add overflow check to SAFEALIGN_COPY_*_CHECK macrosSumit Bose2011-01-111-3/+6
|
* Validate user supplied size of data itemsSumit Bose2011-01-113-76/+94
| | | | | | Specially crafted packages might lead to an integer overflow and the parsing of the input buffer might not continue as expected. This issue was identified by Sebastian Krahmer <krahmer@suse.de>.
* Add syslog messages to authorized service access checkSumit Bose2011-01-061-1/+31
|
* Add syslog message to shadow access checkSumit Bose2011-01-061-6/+14
|
* Convert obfuscated password once at startupSumit Bose2011-01-062-14/+41
|
* Remove unused enumeration cache timeout checksSumit Bose2011-01-063-33/+2
| | | | | The existence of the getent_ctx is used to track the enumeration cache timeout.
* Post enumeration tevent request if neededSumit Bose2011-01-062-8/+43
|
* Return groups and users from all domains during enumerationSumit Bose2011-01-061-3/+5
|
* Rename SRV_NOT_RESOLVED to SRV_RESOLVE_ERRORSumit Bose2011-01-051-5/+5
|
* Use the right status when resetting service discoverySumit Bose2011-01-051-1/+1
|
* Fix boolean comparison against stringStephen Gallagher2011-01-051-2/+2
| | | | Coverity 10082 and 100083
* Build and install translated man pages by defaultSumit Bose2010-12-231-23/+31
|
* Update the ID cache for any PAM requestStephen Gallagher2010-12-228-8/+48
| | | | | | | | Also adds an option to limit how often we check the ID provider, so that conversations with multiple PAM requests won't update the cache multiple times. https://fedorahosted.org/sssd/ticket/749
* Ensure ID is checked in all domains for PAMStephen Gallagher2010-12-221-0/+2
| | | | | | | Previously, this was initialized to zero, so the first domain in the list wouldn't be checked for ID updates in pam_check_user_search. This initializes the first domain to check the provider.
* Add Czech translationJakub Hrozek2010-12-223-0/+8428
| | | | | Translated a couple of strings from manpages into Czech. Makes the manpage translation patch testable.
* Make manual pages translatableJakub Hrozek2010-12-223-1/+183
| | | | | | | | | Utilizes PO4A to extract translatable strings from Docbook XML sources and allows translators to submit ordinary .PO files. PO4A then generates translated Docbook documents that can be used to generate translated end user documentation. https://fedorahosted.org/sssd/ticket/297
* Add authorizedService supportStephen Gallagher2010-12-2110-3/+176
| | | | https://fedorahosted.org/sssd/ticket/670
* Pass all PAM data to the LDAP access providerStephen Gallagher2010-12-211-9/+12
| | | | Previously we were only passing the username.
* Fix potential NULL-dereference in krb5_auth_done()Sumit Bose2010-12-211-3/+3
| | | | https://fedorahosted.org/sssd/ticket/745
* Remove unused member of a structSumit Bose2010-12-211-1/+0
|
* Add all values of a multi-valued user attributeSumit Bose2010-12-211-12/+15
|
* Update config API filesSumit Bose2010-12-213-7/+47
| | | | | | Over the time a couple of new config options didn't made it into the config API files. This patch updates the files and removes some duplications.
* Serialize requests of the same user in the krb5 providerSumit Bose2010-12-204-0/+239
|
* Fixes for automatic ticket renewalSumit Bose2010-12-204-44/+100
| | | | | | - do not recreate the ccache file when renewing the TGT - use user principal name as hash key instead of ccfile name - let krb5_child return Kerberos error codes
* Introduce sss_hash_create_ex()Sumit Bose2010-12-202-6/+29
|
* Avoid multiple initializations in LDAP providerSumit Bose2010-12-201-39/+30
| | | | | | Currently in a domain where LDAP was used for id and auth the LDAP UIR was added multiple times to the failover code which may cause unwanted delays.
* Add sysdb_has_enumerated and sysdb_set_enumerated helper functionsStephen Gallagher2010-12-203-0/+192
| | | | Includes a unit test
* Start first enumeration immediatelyStephen Gallagher2010-12-173-3/+47
| | | | | | | | | | | | | | Previously, we would wait for ten seconds before starting an enumeration. However, this meant that on the first startup (before we had run our first enumeration) there was a ten-second window where clients would immediately get back a response with no entries instead of blocking until the enumeration completed. With this patch, SSSD will now run an enumeration immediately upon startup. Further startups will retain the ten-second delay so as not to slow down system bootups. https://fedorahosted.org/sssd/ticket/616
* Fix possible NULL-dereference in lookup_netgr_step()Sumit Bose2010-12-171-1/+1
| | | | https://fedorahosted.org/sssd/ticket/735
* Fix unchecked return value in set_nonblockingStephen Gallagher2010-12-171-10/+53
| | | | | | Also fixes the same problem with set_close_on_exec https://fedorahosted.org/sssd/ticket/713
* Fix wrong test in pam_sssSimo Sorce2010-12-171-1/+1
|
* Fix unchecked return value in test_sysdb_attrs_to_listStephen Gallagher2010-12-171-3/+6
| | | | https://fedorahosted.org/sssd/ticket/714
* Fix uninitialized value error in set_local_and_remote_host_infoStephen Gallagher2010-12-171-1/+1
| | | | https://fedorahosted.org/sssd/ticket/725
* Fix unsafe return condition in ipa_access_handlerStephen Gallagher2010-12-171-1/+6
| | | | https://fedorahosted.org/sssd/ticket/718
* Fix unchecked return value in sss_krb5_verify_keytab_exStephen Gallagher2010-12-171-1/+8
| | | | https://fedorahosted.org/sssd/ticket/711
* Fix segfault for PAM_TEXT_INFO conversationsStephen Gallagher2010-12-161-1/+1
|
* Fix invalid sizeof in pidfileStephen Gallagher2010-12-161-1/+1
| | | | https://fedorahosted.org/sssd/ticket/730
* Fix uninitialized value error in lookup_netgr_step()Sumit Bose2010-12-151-146/+181
|
* Fix memory leak of library handle in proxySumit Bose2010-12-152-18/+26
| | | | https://fedorahosted.org/sssd/ticket/733
* Fix another possible memory leak in sss_nss_recv_rep()Sumit Bose2010-12-151-8/+19
| | | | https://fedorahosted.org/sssd/ticket/723
* Fix possible memory leak in do_pam_conversationSumit Bose2010-12-151-16/+28
| | | | https://fedorahosted.org/sssd/ticket/731