summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* Set _GNU_SOURCE globallySumit Bose2011-05-2313-23/+13
|
* Use dereference when processing RFC2307bis nested groupsJakub Hrozek2011-05-209-17/+487
| | | | | | | | Instead of issuing N LDAP requests when processing a group with N users, utilize the dereference functionality to pull down all the members in a single LDAP request. https://fedorahosted.org/sssd/ticket/799
* Refactor RFC2307bis nested group processingJakub Hrozek2011-05-201-123/+188
| | | | | | This patch splits checking cache and hash tables into standalone functions. This will make it easy to reuse the code in a new branch that uses dereferencing.
* Use fake users during RFC2307bis nested group processingJakub Hrozek2011-05-201-13/+165
| | | | | | Instead of downloading complete user data which is potentionally very slow, only download the necessary minimum information and store the users as dummy entries.
* Change sysdb_add_fake_user to add OriginalDNJakub Hrozek2011-05-203-3/+11
| | | | | RFC2307bis code relies heavily on originalDN, so the fake users need to have an option to store it, too.
* Generic dereference searchJakub Hrozek2011-05-202-0/+157
| | | | | | A generic wrapper around ASQ and OpenLDAP dereference searches. https://fedorahosted.org/sssd/ticket/635
* OpenLDAP dereference searchesJakub Hrozek2011-05-203-0/+376
| | | | | | | | This dereference method is supported at least by OpenLDAP and 389DS/RHDS For more details, see: http://tools.ietf.org/html/draft-masarati-ldap-deref-00
* Add support for Attribute Scoped QueriesJakub Hrozek2011-05-202-0/+207
| | | | | | For more details on ASQ, see: http://msdn.microsoft.com/en-us/library/aa366976%28VS.85%29.aspx http://msdn.microsoft.com/en-us/library/aa746418%28v=VS.85%29.aspx
* Generic dereference data structures and utilitiesJakub Hrozek2011-05-202-0/+45
| | | | These will be shared by both dereference methods in a later patch.
* sdap_get_generic_extJakub Hrozek2011-05-201-73/+202
| | | | | | | | | | | Add a private sdap_get_generic_ext_send()/_recv() request that exposes more of ldap_search_ext options, in particular the server contols. The existing sdap_generic_search_send()/_recv() request is now a thin wrapper around the new _ext request. The other important change is that an entry parsing is a callback now. That was done in order to allow custom parsing for results such as OpenLDAP deref or Attribute Scoped Queries.
* Add new options to override shell valueJakub Hrozek2011-05-208-1/+188
| | | | https://fedorahosted.org/sssd/ticket/742
* Add a new option to override home directory valueJakub Hrozek2011-05-209-2/+192
| | | | https://fedorahosted.org/sssd/ticket/551
* Add a new option to override primary GID numberJakub Hrozek2011-05-208-2/+33
| | | | https://fedorahosted.org/sssd/ticket/742
* Fixed copying of pam_data structureJan Zeleny2011-05-201-0/+1
| | | | | Related ticket: https://fedorahosted.org/sssd/ticket/855
* Rename label in expand_ccname_templateJakub Hrozek2011-05-201-17/+17
| | | | The label was named fail but used also in success cases.
* Remove append_attrs_to_arrayJakub Hrozek2011-05-202-12/+0
| | | | This function was not used anywhere
* IPA Provider: don't fail if user is not a member of any groupsStephen Gallagher2011-05-201-2/+5
|
* Fixed uninitialized value in sss_cacheJan Zeleny2011-05-161-0/+1
| | | | https://fedorahosted.org/sssd/ticket/865
* Fixed unitialized pointer in select_principal_from_keytabJan Zeleny2011-05-161-1/+1
| | | | https://fedorahosted.org/sssd/ticket/857
* Fixed unitialized return value in match_principalJan Zeleny2011-05-161-2/+1
| | | | https://fedorahosted.org/sssd/ticket/858
* Possible memory leak fixedJan Zeleny2011-05-161-1/+1
|
* Fixed wrong variable in sdap_initgr_nested_storeJan Zeleny2011-05-161-1/+1
|
* Fixed --debug-to-files for nss and pam servicesJan Zeleny2011-05-161-4/+4
| | | | | This error caused that monitor didn't pass --debug-to-files option to nss and pam services when creating them.
* Set c-ares to retry nameserversJakub Hrozek2011-05-121-1/+1
| | | | https://fedorahosted.org/sssd/ticket/867
* Use a temporary memory context in expand_ccname_templateJakub Hrozek2011-05-121-20/+33
|
* Add support for openldap24 package on RHEL 5.7Sumit Bose2011-05-061-0/+21
|
* Allow changing the log level without restartStephen Gallagher2011-05-0610-17/+89
| | | | | | We will now re-read the confdb debug_level value when processing the monitor_common_logrotate() function, which occurs when the monitor receives a SIGHUP.
* Create common sss_monitor_init()Stephen Gallagher2011-05-064-69/+55
| | | | | | | | This was implemented almost identically for both the responders and the providers. It is easier to maintain as a single routine. This patch also adds the ability to provide a private context to attach to the sbus_connection for later use.
* Remove unused constants from data_provider.hJakub Hrozek2011-05-061-11/+0
|
* Do not leak netgroups hash tableJakub Hrozek2011-05-061-0/+12
|
* Added some kerberos functions for building on RHEL5Jan Zeleny2011-05-054-8/+192
|
* Man page for sss_cacheJan Zeleny2011-05-042-1/+123
|
* Some minor fixes and changes in sysdb_opsJan Zeleny2011-05-041-17/+40
|
* Cache cleaning toolJan Zeleny2011-05-041-0/+360
|
* Add a function for searching netgroups with custom filterJan Zeleny2011-05-042-0/+65
|
* Make sysdb_ctx_list public structureJan Zeleny2011-05-043-8/+53
| | | | Also create a routine to initialize it
* Fixed lastUSN checking improvementsJan Zeleny2011-05-043-5/+23
| | | | | | | | This patch fixes some issues with setting lastUSN attribute and it adds check against the highest user/group USN after enumeration to keep better track of the real highest USN. Optimal solution here would be to schedule a check of rootDSE entry right after the enumeration finishes, but for the moment this is good enough.
* Override config file debug_level with command-lineStephen Gallagher2011-05-044-22/+66
| | | | | | | | | | | This patch also makes the following changes: 1) The [sssd] debug_level setting no longer acts as a default for all other sections. 2) We will now skip passing the debug argument to the child processes from the master unless the SSSD was run with a command-line argument for the debug level. https://fedorahosted.org/sssd/ticket/764
* Do not leak LDAP URI with high log levelJakub Hrozek2011-05-041-2/+7
|
* Do not leak pcre contextJakub Hrozek2011-05-041-0/+12
|
* clients: use poll instead of selectSimo Sorce2011-05-031-9/+6
| | | | | | | select is limited to fd numbers up to 1024, we need to use poll() here to avoid causing memory corruption in the calling process. Fixes: https://fedorahosted.org/sssd/ticket/861
* Fix minor typo in error messageStephen Gallagher2011-05-021-1/+1
| | | | https://fedorahosted.org/sssd/ticket/825
* Return pam data to the renewal item if renewal failsSumit Bose2011-05-021-4/+9
| | | | | | | | | A previous patch changed a talloc_steal() into a talloc_move(). Now it is not enough to change the parent memory context with talloc_steal to give back the data, but it has to be assigned back too. Additionally this patch uses the missing pam data as an indication that a renewal request for this data is currently running.
* Fix order of arguments in select_principal_from_keytab() callJakub Hrozek2011-04-291-1/+1
|
* Fix bad password caching when using automatic TGT renewalStephen Gallagher2011-04-291-3/+12
| | | | Fixes CVE-2011-1758, https://fedorahosted.org/sssd/ticket/856
* Fix segfault in IPA providerStephen Gallagher2011-04-291-2/+2
| | | | | | We were trying to request the krb5 keytab from the auth provider configuration, but it hasn't yet been set up. Much better to use the value in the ID provider.
* Fix IPA config bug with SDAP_KRB5_REALMStephen Gallagher2011-04-281-1/+1
|
* Do not leak LDAP paging controlsJakub Hrozek2011-04-281-0/+5
|
* Regular translation updateStephen Gallagher2011-04-276-939/+1562
|
* Add "description" option to SSSDConfig APIStephen Gallagher2011-04-272-0/+3
| | | | https://fedorahosted.org/sssd/ticket/850
generated by cgit (git 2.34.1) at 2024-06-10 10:52:18 +0000