sssd.git/src/responder/common, branch token3 System Security Services Daemon [okos' clone] DP: Use the correct type for DBus boolean 2013-08-28T17:28:22+00:00 Jakub Hrozek jhrozek@redhat.com 2013-08-26T14:47:58+00:00 46c5deedec570bb5f99702a933ba99d76f9f09cb https://fedorahosted.org/sssd/ticket/2057 
https://fedorahosted.org/sssd/ticket/2057
sss_packet_grow: correctly pad packet length to 512B 2013-08-28T14:21:22+00:00 Pavel Březina pbrezina@redhat.com 2013-08-22T12:38:54+00:00 3575235d62fa242d9a650ee54425f42b19533cb0 https://fedorahosted.org/sssd/ticket/2059 If len % SSSSRV_PACKET_MEM_SIZE == 0 or some low number, we can end up with totlen < len and return EINVAL. It also does not pad the length, but usually allocates much more memory than is desired. len = 1024 n = 1024 % 512 + 1 = 0 + 1 = 1 totlen = 1 * 512 = 512 => totlen < len len = 511 n = 511 % 512 + 1 = 511 + 1 totlen = 512 * 512 = 262144 totlen is way bigger than it was supposed to be 
https://fedorahosted.org/sssd/ticket/2059

If len % SSSSRV_PACKET_MEM_SIZE == 0 or some low number,
we can end up with totlen < len and return EINVAL.

It also does not pad the length, but usually allocates
much more memory than is desired.

len = 1024
n = 1024 % 512 + 1 = 0 + 1 = 1
totlen = 1 * 512 = 512
=> totlen < len

len = 511
n = 511 % 512 + 1 = 511 + 1
totlen = 512 * 512 = 262144
totlen is way bigger than it was supposed to be
Missing space in debug message 2013-07-15T14:07:58+00:00 Michal Zidek mzidek@redhat.com 2013-07-15T11:03:04+00:00 1d4293f36695daab5909b9eaa670e8e23db548aa 






Lookup domains at startup
2013-06-04T15:24:13+00:00

Sumit Bose
sbose@redhat.com

2013-05-31T08:52:05+00:00

909a86af4eb99f5d311d7136cab78dca535ae304

To make sure that e.g. the short/NetBIOS domain name is available this
patch make sure that the responders send a get_domains request to their
backends at startup the collect the domain information or read it from
the cache if the backend is offline.

For completeness I added this to all responders even if they do not need
the information at the moment.

Fixes https://fedorahosted.org/sssd/ticket/1951





To make sure that e.g. the short/NetBIOS domain name is available this
patch make sure that the responders send a get_domains request to their
backends at startup the collect the domain information or read it from
the cache if the backend is offline.

For completeness I added this to all responders even if they do not need
the information at the moment.

Fixes https://fedorahosted.org/sssd/ticket/1951







Fixing critical format string issues.
2013-05-20T20:37:25+00:00

Lukas Slebodnik
lslebodn@redhat.com

2013-05-17T15:36:38+00:00

7486dea9f5f7b2a6fbbacc6db740a82140b6377c

--missing arguments.
--format '%s', but argument is integer.
--wrong format string, examle: '%\n'





--missing arguments.
--format '%s', but argument is integer.
--wrong format string, examle: '%\n'







Add sss_ncache_set_sid() and sss_ncache_check_sid()
2013-05-02T17:33:56+00:00

Sumit Bose
sbose@redhat.com

2013-04-22T14:26:56+00:00

b5afbc39c09baaef57b5300b636307e277c59d66

Two new calls are added to allow to add SID based lookups to the
negative cache.





Two new calls are added to allow to add SID based lookups to the
negative cache.







Add responder_get_domain_by_id()
2013-05-02T17:33:56+00:00

Sumit Bose
sbose@redhat.com

2013-04-19T09:54:14+00:00

498dcbdfdfffa1aee65d53e83c7eafd5e3b084a5

This new call is similar to responder_get_domain() but uses the domain
SID as search parameter. Since the length of the stored domain SID is
used in the comparison, SIDs of users and groups and be used directly
without stripping the RID component.

The functionality is not merged into responder_get_domain() to allow to
calculate the timeout correctly and return a specific error code if the
entry is expired.





This new call is similar to responder_get_domain() but uses the domain
SID as search parameter. Since the length of the stored domain SID is
used in the comparison, SIDs of users and groups and be used directly
without stripping the RID component.

The functionality is not merged into responder_get_domain() to allow to
calculate the timeout correctly and return a specific error code if the
entry is expired.







Add two new request types to the data-provider interface
2013-05-02T17:33:56+00:00

Sumit Bose
sbose@redhat.com

2013-04-22T14:29:51+00:00

f0944fdd627bd684ff36c9670dc857ffdedc343f

The patch adds two new request types for SID related requests. The first
one is used if a SID is given and the corresponding object should be
found. The second one can be used if the SID for an object is requested
but it is not clear if the object is a user or a group.





The patch adds two new request types for SID related requests. The first
one is used if a SID is given and the corresponding object should be
found. The second one can be used if the SID for an object is requested
but it is not clear if the object is a user or a group.







Add secid filter to responder-dp protocol
2013-05-02T17:33:56+00:00

Sumit Bose
sbose@redhat.com

2013-04-11T16:23:27+00:00

206329d3901738036352f2ac1e8d7804f728861d

This patch add a new filter type to the data-provider interface which
can be used for SID-based lookups.





This patch add a new filter type to the data-provider interface which
can be used for SID-based lookups.







responder_get_domain(): remove timeout calculation
2013-05-02T17:33:56+00:00

Sumit Bose
sbose@redhat.com

2013-04-18T14:29:21+00:00

5a6e3cb57cf2d8d4118b58be0574cccea171ca19

The current timout calculation code in responder_get_domain() is flawed
and I think it always was. I removed the related code because
- it currently has no effect, a match is returned even if it is expired
- that callers do not have any code to handle expired domains.





The current timout calculation code in responder_get_domain() is flawed
and I think it always was. I removed the related code because
- it currently has no effect, a match is returned even if it is expired
- that callers do not have any code to handle expired domains.