summaryrefslogtreecommitdiffstats
path: root/src/responder/secrets/proxy.c
Commit message (Collapse)AuthorAgeFilesLines
* SECRETS: remove unused variableLukas Slebodnik2017-04-211-5/+0
| | | | Reviewed-by: Pavel Březina <pbrezina@redhat.com>
* secrets: support HTTP basic authentication with proxy providerPavel Březina2017-03-301-0/+9
| | | | | | | | Even though configuration options auth_type = basic, username and password are read they were not used anywhere prior this patch. Reviewed-by: Simo Sorce <simo@redhat.com> Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* secrets: allow to configure certificate checkPavel Březina2017-03-301-0/+55
| | | | | | | | | | | | | | | | | | | | | | Some users may want to use TLS with unverified peer (for example if they use self-signed certificate) or if unverified hostname (if certificate hostname does not match with the real hostname). On the other side it may be useful to point to a directory containing custom certificate authorities. This patch add three new options to secrets responder: verify_peer => peer's certificate must be valid verify_host => hostnames must match capath => path to directory containing CA certs cacert => ca certificate cert => client certificate key => client private key Resolves: https://pagure.io/SSSD/sssd/issue/3192 Reviewed-by: Simo Sorce <simo@redhat.com> Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* secrets: remove http-parser code in proxy providerPavel Březina2017-03-301-581/+0
| | | | | | | | | | We switche to libcurl in previous patch. This just removes the unused code. Resolves: https://pagure.io/SSSD/sssd/issue/3192 Reviewed-by: Simo Sorce <simo@redhat.com> Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* secrets: use tcurl in proxy providerPavel Březina2017-03-301-84/+164
| | | | | | | | | | | | We switch from http-parser to libcurl for an http client. This gaves us many features for free such as tls and http basic authentication support instead of implementing it on our own. Resolves: https://pagure.io/SSSD/sssd/issue/3192 Reviewed-by: Simo Sorce <simo@redhat.com> Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* SECRETS: Use HTTP error code 504 when a proxy server cannot be reachedJakub Hrozek2016-10-041-1/+1
| | | | | | | | | | | Previously, a generic 500 error code was returned. This patch adds a new error message on a failure to contact the proxy server and returns 504, "Gateway timeout" instead. Resolves: https://fedorahosted.org/sssd/ticket/3212 Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
* SECRETS: Use a better data type for retJakub Hrozek2016-10-041-2/+2
| | | | | | | Normally we use errno_t for return codes and size_t for counting objects. Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
* SECRETS: Add DEBUG messages to the sssd-secrets providerJakub Hrozek2016-10-041-9/+74
| | | | | | | | | | Previously, it was not possible to follow the flow of the secrets responder or find out what went wrong on error. This patch adds DEBUG messages so that most failure cases have their own message. At the same time, running sssd-secrets with debug_level <= 3 does not emit any messages at all. Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
* Secrets: Add Proxy backendSimo Sorce2016-06-291-0/+977
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
generated by cgit (git 2.34.1) at 2025-09-02 23:42:36 +0000