summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* Improve documentation of libipa_hbacStephen Gallagher2011-09-082-21/+1697
|
* Do not access memory out of boundsSumit Bose2011-09-071-2/+2
|
* Keep deref controls until the whole request is finishedJakub Hrozek2011-09-061-8/+45
| | | | | | | | | | | | https://fedorahosted.org/sssd/ticket/989 John Hodrien found out that when paging is used while dereferencing an entry, sssd_be may segfault on the second page. This was because paging returned the control to sdap_generic_search multiple times but sssd was freeing dereference control after the first search invocation. The subsequend sdap searched accessed memory that was already freed.
* Improve error message for LDAP password constraint violationJakub Hrozek2011-09-063-16/+29
| | | | https://fedorahosted.org/sssd/ticket/985
* Subscribe to netlink route and addr messagesJakub Hrozek2011-09-061-5/+244
| | | | | | | | https://fedorahosted.org/sssd/ticket/955 In addition to carrier up messages, also subscribe to any messages describing that an address has been added or removed or routing table changed.
* Discard carrier messages from non-ethernet devicesJakub Hrozek2011-09-061-3/+155
| | | | | | | | | IFF_LOWER_UP has no meaning for wireless interfaces, it can mean that an association has been made with an access point, but it does not mean that an addressing has been completed. This patch discards "carrier up" messages from interfaces that do not look like ethernet devices.
* Change libnl monitor callback to only signal going onlineJakub Hrozek2011-09-063-14/+5
| | | | | | This feature was not used and would probably never be used, because it is much safer to rely on online actions to time out. Moreover, it would make implementing the new features more complex.
* Allow turning dereference off by setting the threshold to 0Jakub Hrozek2011-09-064-3/+13
|
* sss_debuglevel - change the debug levels on the flyPavel Březina2011-09-063-1/+460
| | | | https://fedorahosted.org/sssd/ticket/950
* sss_ldap_err2string() - ldap_err2string() to sss_ldap_err2string()Pavel Březina2011-09-064-38/+38
| | | | https://fedorahosted.org/sssd/ticket/986
* sss_ldap_err2string() - function createdPavel Březina2011-09-063-2/+16
| | | | https://fedorahosted.org/sssd/ticket/986
* Add option to specify the kerberos replay cache dirStephen Gallagher2011-09-027-0/+70
| | | | | | | Adds a configure option to set the distribution default as well as an sssd.conf option to override it. https://fedorahosted.org/sssd/ticket/980
* HBAC: Properly skip all non-group memberOf entriesStephen Gallagher2011-08-291-1/+2
|
* Fix moving to next entry in deref codeJakub Hrozek2011-08-291-1/+6
| | | | https://fedorahosted.org/sssd/ticket/973
* HBAC: Use of hostgroups for targethost or sourcehost was brokenStephen Gallagher2011-08-261-4/+4
| | | | | We were trying to look up the wrong attribute for the name of the hostgroup.
* HBAC: Handle saving groups that have no membersStephen Gallagher2011-08-261-7/+21
|
* Use the default Kerberos realm for LDAP with GSSAPI authJakub Hrozek2011-08-261-3/+55
| | | | https://fedorahosted.org/sssd/ticket/970
* Add LDAP provider option to set LDAP_OPT_X_SASL_NOCANONJakub Hrozek2011-08-268-3/+33
| | | | https://fedorahosted.org/sssd/ticket/978
* --debug-timestamps=1 is not passed to providersPavel Březina2011-08-253-55/+77
| | | | | | https://fedorahosted.org/sssd/ticket/972 --debug-timestamps=1 is now passed to providers
* New DEBUG facility - SSSDBG_UNRESOLVED changed from -1 to 0Pavel Březina2011-08-2530-49/+99
| | | | | | | | | | | | | | | | | | | | | Removed: SSS_UNRESOLVED_DEBUG_LEVEL (completely replaced with SSSDBG_UNRESOLVED) Added new macro: CONVERT_AND_SET_DEBUG_LEVEL(new_value) Changes unresolved debug level value (SSSDBG_UNRESOLVED) from -1 to 0 so DEBUG macro could be reduced by one condition. Anyway, it has a minor effect, every time you want to load debug_level from command line parameters, you have to use following pattern: /* Set debug level to invalid value so we can deside if -d 0 was used. */ debug_level = SSSDBG_INVALID; pc = poptGetContext(argv[0], argc, argv, long_options, 0); while((opt = poptGetNextOpt(pc)) != -1) { ... } CONVERT_AND_SET_DEBUG_LEVEL(debug_level);
* New DEBUG facility - unit testsPavel Březina2011-08-251-0/+742
| | | | https://fedorahosted.org/sssd/ticket/925
* New DEBUG facility - man pagesPavel Březina2011-08-253-17/+62
| | | | | | | https://fedorahosted.org/sssd/ticket/925 Modified sssd and sssd.conf man pages to reflect new levels. Added new man include: include/debug_levels.xml
* New DEBUG facility - conversionPavel Březina2011-08-2540-61/+62
| | | | | | | | | | https://fedorahosted.org/sssd/ticket/925 Conversion of the old debug_level format to the new one. (only where it was necessary) Removed: SSS_DEFAULT_DEBUG_LEVEL (completely replaced with SSSDBG_DEFAULT)
* New DEBUG facility - modified DEBUGPavel Březina2011-08-251-6/+41
| | | | | | | | | | | | | | | https://fedorahosted.org/sssd/ticket/925 Modified: DEBUG() macro to work with new levels There are several new macros in util/util.h: - DEBUG_MSG(level, function, message) which will format the debug message like "(time) [prg_name] [function] (level): message\n" - DEBUG_IS_SET(level) that you should use to check if the level is allowed to be logged You can use it like: if (DEBUG_IS_SET(SSSDBG_TRACE_LIBS)) {...}
* New DEBUG facility - new levelsPavel Březina2011-08-252-2/+89
| | | | | | | | | | | | | | | | https://fedorahosted.org/sssd/ticket/925 Added functions: - debug_convert_old_level() to convert levels 0-9 to appropriate bitmask debug_convert_old_level(5) returns 0x03F0 (= 0 | 1 | 2 | 3 | 4 | 5) - debug_get_level() to convert old level number to its new value debug_get_level(5) returns 0x0200 (= 5) There are several new macros in util/util.h: - SSSDBG_* to reflect a debug level (same names as in the ticket) - please, don't use magic numbers anymore
* Improve password policy error code and messageSumit Bose2011-08-251-4/+9
| | | | | | Instead of returning PAM_SYSTEM_ERR if they necessary attributes for the requested password policy cannot be found we return PAM_PERM_DENIED. Additionally the log message says that the access is denied.
* Return the first value of name if the multivalued name attribute does not ↵Jakub Hrozek2011-08-251-3/+4
| | | | | | match RDN https://fedorahosted.org/sssd/ticket/926
* IPA dyndns: do not segfault if the server cannot be resolvedJakub Hrozek2011-08-251-4/+2
| | | | https://fedorahosted.org/sssd/ticket/963
* Handle timeout during sss_ldap_init_sendJakub Hrozek2011-08-153-3/+41
| | | | | | | | | In some cases, where there would be no response from the LDAP server, there would be no R/W events on the LDAP fd, so sdap_async_sys_connect_done would never be called. This patch adds a tevent timer that cancels the connection after SDAP_NETWORK_TIMEOUT seconds.
* Do not delete requests inside hash_iterate loopJakub Hrozek2011-08-151-10/+12
|
* Handle errno properly in set_debug_file_from_fd()Jakub Hrozek2011-08-151-2/+5
|
* Moved some functions in sdap_async_initgroupsJan Zeleny2011-08-151-345/+349
|
* Moved some functions in sdap_async_groupsJan Zeleny2011-08-151-122/+112
|
* Confusing part of code cleared outJan Zeleny2011-08-151-34/+32
|
* sdap_async_accounts.c splitJan Zeleny2011-08-154-2514/+2588
| | | | | | | | | The file has been split in three: sdap_async_users.c sdap_async_groups.c sdap_async_initgroups.c https://fedorahosted.org/sssd/ticket/864
* Remaining memory context variables renamedJan Zeleny2011-08-152-75/+75
| | | | | memctx to mem_ctx tmpctx to tmp_ctx
* sysdb refactoring: memory context deletedJan Zeleny2011-08-1520-455/+429
| | | | | | This patch deletes memory context parameter in those places in sysdb where it is not necessary. The code using modified functions has been updated. Tests updated as well.
* sysdb refactoring: deleted domain variables in sysdb APIJan Zeleny2011-08-1542-538/+254
| | | | | The patch also updates code using modified functions. Tests have also been adjusted.
* Added sysdb_ctx_get_domain functionJan Zeleny2011-08-152-0/+7
|
* sysdb refactoring: renamed ctx variable to sysdbJan Zeleny2011-08-154-348/+348
|
* Use sysdb attribute name for GID, not LDAP attributeStephen Gallagher2011-08-111-3/+3
|
* Allow the O_NONBLOCK flag to be reset correctlyRalf Haferkamp2011-08-111-14/+0
| | | | | | | | | | sssd set the O_NONBLOCK flag on the LDAP socket twice. First in set_fd_flags_and_opts(). And the second time in sdap_async_sys_connect_send() after storing a backup in the local state structure. The backup is later used to restore the original flags (after connect() succeeded). As NONBLOCK was already set before it didn't correctly reset that flag. https://fedorahosted.org/sssd/ticket/952
* Fix potential double-free issueStephen Gallagher2011-08-101-1/+1
| | | | tmp_ctx is a child of ctx.
* Cancel sysdb upgrade transaction if commit failsStephen Gallagher2011-08-101-60/+30
|
* Remove unused temporary contextJakub Hrozek2011-08-081-5/+0
|
* Prevent segfault if vetoed_shells are specified without allowed_shellsJakub Hrozek2011-08-081-16/+19
| | | | https://fedorahosted.org/sssd/ticket/954
* Fixed implicit declaration of function 'time' in src/sss_client/common.c.Pavel Březina2011-08-081-0/+1
|
* debug_timestamps fixesPavel Březina2011-08-084-14/+24
| | | | | | Fixed: could not overwrite debug_timestamps when set in sssd.conf Fixed: invalid description of debug_timestamps in sssd man page
* Rename sssd.conf to sssd-example.confStephen Gallagher2011-08-081-1/+1
| | | | | | | This file should not be installed by default. It leads to user confusion. We will instead install it as documentation. Fix incorrect example of entry_cache_nowait_percentage
* Revert "Allow LDAP to decide when an expiration warning is warranted"Stephen Gallagher2011-08-041-4/+3
| | | | This reverts commit b0b9c38dfce3e3ccbfaa4d00fdf2ea08a70d41a6.
generated by cgit (git 2.34.1) at 2024-05-05 01:32:37 +0000