sssd.git/src/responder, branch subdommem System Security Services Daemon [okos' clone] SUDO: realloc with sizeof(uint32_t) when adding uint32_t 2013-07-22T11:51:31+00:00 Jakub Hrozek jhrozek@redhat.com 2013-07-22T07:56:45+00:00 1b3144586978c47506eaa39db505e6231e3b0c0a 






Do not try to set password when authtok_length is zero
2013-07-18T14:04:42+00:00

Ondrej Kos
okos@redhat.com

2013-06-24T14:58:23+00:00

3df593099ecb4b7570548bc14ca58960f79bc9b2

https://fedorahosted.org/sssd/ticket/1814

When the authtok_length is zero, it shouldn't call
sss_authtok_set_password, because it tries to determine lenght of passed
string by itself and would read parts of DBus message behind boundaries
of authtok.





https://fedorahosted.org/sssd/ticket/1814

When the authtok_length is zero, it shouldn't call
sss_authtok_set_password, because it tries to determine lenght of passed
string by itself and would read parts of DBus message behind boundaries
of authtok.







remove unused variable
2013-07-16T17:24:14+00:00

Pavel Březina
pbrezina@redhat.com

2013-07-16T11:29:21+00:00

9c25d1420ddf482b01bdaba54a15bce8a6f32943












Remove unused function parameter
2013-07-16T09:01:39+00:00

Lukas Slebodnik
lslebodn@redhat.com

2013-07-16T07:45:27+00:00

bb7a0bba7dd76571fdc539438d6376aa538f8b23












Missing space in debug message
2013-07-15T14:07:58+00:00

Michal Zidek
mzidek@redhat.com

2013-07-15T11:03:04+00:00

1d4293f36695daab5909b9eaa670e8e23db548aa












Do not call sss_cmd_done in function check_cache.
2013-06-27T18:51:28+00:00

Lukas Slebodnik
lslebodn@redhat.com

2013-06-25T07:44:17+00:00

6e2c5a81b6af083d7909a18881971b5d907d65b1

Function sysdb_getpwnam return more results than 1 and therefore sss_cmd_done
was called. Inside of function sss_cmd_done memory was freed,
but this freed memory was used in caller functions, therefore sssd crashed.

https://fedorahosted.org/sssd/ticket/1980





Function sysdb_getpwnam return more results than 1 and therefore sss_cmd_done
was called. Inside of function sss_cmd_done memory was freed,
but this freed memory was used in caller functions, therefore sssd crashed.

https://fedorahosted.org/sssd/ticket/1980







Handle too many results from getnetgr.
2013-06-27T18:51:28+00:00

Lukas Slebodnik
lslebodn@redhat.com

2013-06-25T07:01:45+00:00

f2022f7ba55973ae8b8baf2d4307322a180357b9












SSH: Update known_hosts file after unsuccessful requests as well.
2013-06-27T17:02:50+00:00

Jan Cholasta
jcholast@redhat.com

2013-05-27T15:10:59+00:00

374c4f45cc8823a7bd7de12528b74dd860541d6c

https://fedorahosted.org/sssd/ticket/1949





https://fedorahosted.org/sssd/ticket/1949







sudo responder: use different callback for oob refresh
2013-06-27T11:50:48+00:00

Pavel Březina
pbrezina@redhat.com

2013-06-26T08:31:18+00:00

895ba2c346beb7e55d43be3d0c7f54fd287faa74

https://fedorahosted.org/sssd/ticket/1693

Since we don't care about returned values from out of band refresh,
we do not need to set callback data. However, this caused talloc
to abort as it considers it as type mismatch when called from
tevent_req_callback_data().





https://fedorahosted.org/sssd/ticket/1693

Since we don't care about returned values from out of band refresh,
we do not need to set callback data. However, this caused talloc
to abort as it considers it as type mismatch when called from
tevent_req_callback_data().







PAC: do not delete originalDN or cached password if present
2013-06-24T13:17:20+00:00

Sumit Bose
sbose@redhat.com

2013-06-24T10:51:53+00:00

0535ad2bee920be5c07ee207903c2196eb19c02f

If the PAC responder recognizes some attribute changes between the
cached user entry and the PAC data it quite crudely just removes the
cached entry and recreates it. While in most cases all needed data can
be recovered from the PAC data there is a case where it is not possible.

E.g the IPA HBAC code use the OriginalDN attribute to improve
performance when evaluating access rules. This patch makes sure this
attribute is not lost when the PAC responder updates the object.





If the PAC responder recognizes some attribute changes between the
cached user entry and the PAC data it quite crudely just removes the
cached entry and recreates it. While in most cases all needed data can
be recovered from the PAC data there is a case where it is not possible.

E.g the IPA HBAC code use the OriginalDN attribute to improve
performance when evaluating access rules. This patch makes sure this
attribute is not lost when the PAC responder updates the object.