summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* Add dns_resolver_timeout optionStephen Gallagher2010-04-307-2/+34
| | | | | | We had a hard-coded timeout of five seconds for DNS lookups in the async resolver. This patch adds an option 'dns_resolver_timeout' to specify this value (Default: 5)
* Fix wrong return valueSumit Bose2010-04-301-15/+14
| | | | | If there was a failure during a password change a wrong return value was send back to the PAM stack.
* Silence warnings with -O2Jakub Hrozek2010-04-303-12/+26
|
* Support SRV servers in failoverJakub Hrozek2010-04-305-60/+551
| | | | | | | | | | | | | | | Adds a new failover API call fo_add_srv_server that allows the caller to specify a server that is later resolved into a list of specific servers using SRV requests. Also adds a new failover option that specifies how often should the servers resolved from SRV query considered valid until we need a refresh. The "real" servers to connect to are returned to the user as usual, using the fo_resolve_service_{send,recv} calls. Make SRV resolution work with c-ares 1.6
* Remove freed server_common entities from listJakub Hrozek2010-04-301-1/+24
|
* Sort SRV replies according to RFC 2782Jakub Hrozek2010-04-303-0/+336
| | | | | | | | | | RFC 2782 defines a way to sort replies to a SRV query. In short, the algorithm sorts all replies by priority and then does a weight-based selection for every priority level. For details, please see the sections "Usage rules" for overview of the algorithm and section "The 'Weight' field" for description on the weight selection.
* Display a message if a password reset by root failsSumit Bose2010-04-264-8/+235
|
* Unset authentication tokens if password change failsSumit Bose2010-04-261-27/+52
|
* Make the handling of fd events opaqueSumit Bose2010-04-266-184/+280
| | | | | | | Depending on the version of the OpenLDAP libraries we use two different schemes to find the file descriptor of the connection to the LDAP server. This patch removes the related ifdefs from the main code and introduces helper functions which can handle the specific cases.
* Do not mark a request as failed twiceJakub Hrozek2010-04-261-1/+0
|
* Treat server names as case-insensitive in failover codeJakub Hrozek2010-04-261-2/+2
|
* Fix a potential memory violationSumit Bose2010-04-261-2/+4
| | | | If read() returns with errno set to EINTR -1 is added to total_len.
* Set LDAP_OPT_RESTART for all LDAP connectionsSumit Bose2010-04-261-7/+7
|
* Avoid accessing half-deallocated memory when using talloc_zfree macro.eindenbom2010-04-161-1/+5
| | | | | | The correct memory deallocation sequence is: - clear pointer to memory first - then deallocate memory
* Make ID provider init functions clearerStephen Gallagher2010-04-164-11/+11
| | | | | | | | | | | Using sssm_*_init() as the name of the initialization function for identity providers was a holdover from earlier development when we thought we would only have a single "provider" entry in the config file. As we have now separated out the initialization functions for auth, chpass and access, we should rename sssm_*_init() to sssm_*_id_init() for a cleaner interface.
* Give information about ldap_schema in the sample configStephen Gallagher2010-04-161-0/+7
| | | | Resolves: https://fedorahosted.org/sssd/ticket/438
* Use SO_PEERCRED on the PAM socketSumit Bose2010-04-166-3/+162
| | | | | | | | | | | | | | | | | This is the second attempt to let the PAM client and the PAM responder exchange their credentials, i.e. uid, gid and pid. Because this approach does not require any message interchange between the client and the server the protocol version number is not changed. On the client side the connection is terminated it the responder is not run by root. On the server side the effective uid and gid and the pid of the client are available for future use. The following additional changes are made by this patch: - the checks of the ownership and the permissions on the PAM sockets are enhanced - internal error codes are introduced on the client side to generate more specific log messages if an error occurs
* Revert "Add better checks on PAM socket"Sumit Bose2010-04-164-274/+5
| | | | This reverts commit 5a88e963744e5da453e88b5c36499f04712df097.
* Updating ES translationHéctor Daniel Cabrera2010-04-151-144/+129
|
* Fix warning in sysdb-tests.cStephen Gallagher2010-04-141-8/+0
| | | | | | When we converted to the synchronous sysdb interface, the synchronous-simulating function test_loop() became unnecessary, but we forgot to remove it.
* Remove unused configure macroStephen Gallagher2010-04-141-1/+0
|
* Update Polish translationPiotr Drąg2010-04-121-20/+16
|
* Update Ukrainian translationYuri Chornoivan2010-04-121-18/+19
|
* Fix merge error for sss_userdel.cStephen Gallagher2010-04-121-21/+1
|
* Update translations for master branchStephen Gallagher2010-04-1214-1996/+2694
|
* tools: remove creation of event_contextSimo Sorce2010-04-1210-47/+3
| | | | | Since the sysdb is now synchronous and creates its own event context we don't need an explicit event context anymore in the tools.
* Make groupshow synchronous.Simo Sorce2010-04-121-310/+105
| | | | | | | | I tried to convert this code as mechanically as possible from the previously existing code. I am not sure it works right, and it will probably recurse infinetly as circular group memberships are admitted in sysdb. The original code had the same issues. This code should be probably discarded and redone from scratch.
* sysydb: Finally stop using a common event contextSimo Sorce2010-04-1210-30/+14
| | | | This commit completes the migration to a synchronous sysdb
* sysdb: remove remaining traces of sysdb_handleSimo Sorce2010-04-1211-237/+1
|
* sysdb: remove obsolete helpers from sysdbSimo Sorce2010-04-122-158/+0
|
* sysdb: convert sysdb_initgroupsSimo Sorce2010-04-123-318/+166
|
* Adjust fill_pwent and fill_grentSimo Sorce2010-04-121-13/+13
| | | | | | | | | fill_pwent should return the number of users actually processed. Otherwise in case of a recoverable error we may end up skipping a large chunk of users. fill_grent doesn't need to distinguish between number of entries and number of groups to process since we started adding memberuid. Remove remnants that are not useful anymore.
* sysdb: convert sysdb_enumgrentSimo Sorce2010-04-124-249/+147
|
* sysdb: convert sysdb_enumpwentSimo Sorce2010-04-124-259/+144
|
* sysdb: convert sysdb_get_user_attrSimo Sorce2010-04-126-293/+160
|
* sysdb: convert sysdb_getgrgidSimo Sorce2010-04-124-263/+160
|
* sysdb: convert sysdb_getgrnamSimo Sorce2010-04-1210-394/+253
|
* sysdb: convert sysdb_getpwuidSimo Sorce2010-04-124-265/+146
|
* sysdb: convert sysdb_getpwnamSimo Sorce2010-04-1212-623/+415
|
* sysdb: add automatic transactions where neededSimo Sorce2010-04-121-7/+47
| | | | | | Only functions that do multiple operations need explicit transactions as ldb_add/ldb_modify/ldb_delete already start transactions automatically intenrally.
* sysdb: remove async transactionsSimo Sorce2010-04-122-157/+0
| | | | not used anymore
* Remove remaining use of sysdb_transaction_sendSimo Sorce2010-04-125-723/+205
|
* Use the sysdb synchronous transaction functionsSimo Sorce2010-04-127-424/+104
|
* proxy: complete conversion to synchronous sysdbSimo Sorce2010-04-121-1113/+428
| | | | This makes proxy use only synchronous functions again.
* sysdb: add synchronous transaction functionsSimo Sorce2010-04-122-14/+37
|
* tests: remove use of asynchronus transactionsSimo Sorce2010-04-121-502/+86
| | | | now all calls are synchronous
* sysdb: remove sysdb_check_handleSimo Sorce2010-04-121-90/+0
| | | | not used anymore
* sysdb: convert sysdb_cache_authSimo Sorce2010-04-124-264/+136
|
* sysdb: convert sysdb_search_groupsSimo Sorce2010-04-124-410/+151
|
* sysdb: delete sysdb_delete_groupSimo Sorce2010-04-126-321/+109
|
generated by cgit (git 2.34.1) at 2024-05-02 12:55:45 +0000