sssd_unused.git - Unnamed repository; edit this file 'description' to name the repository.

	Commit message (Collapse)	Author	Age	Files	Lines
*	Write SELinux config files in responder instead of PAM module	Jan Zeleny	2012-07-27	1	-95/+0
\|
*	Move SELinux processing from session to account PAM stack	Jan Zeleny	2012-07-27	1	-55/+55
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	The idea is to rename session provider to selinux provider. Processing of SELinux rules has to be performed in account stack in order to ensure that pam_selinux (which is the first module in PAM session stack) will get the correct input from SSSD. Processing of account PAM stack is bound to access provider. That means we need to have two providers executed when SSS_PAM_ACCT_MGMT message is received from PAM responder. Change in data_provider_be.c ensures just that - after access provider finishes its actions, the control is given to selinux provider and only after this provider finishes is the result returned to PAM responder.
*	SSS_CLIENT: Fix uninitialized value error	Stephen Gallagher	2012-06-15	1	-1/+1
\| \| \| \| \|	This would cause a crash if we jump to the done: label before it has been allocated.
*	Provide "service filter" for SELinux context	Jan Zeleny	2012-06-14	1	-0/+20
\| \| \| \| \| \| \|	At this moment we will support only asterisk, designating "all services". https://fedorahosted.org/sssd/ticket/1360
*	Always use positional arguments in translatable strings	Stephen Gallagher	2012-05-22	1	-2/+2
\| \| \| \|	https://fedorahosted.org/sssd/ticket/1336
*	PAM_SSS: report error code if write fails	Jakub Hrozek	2012-05-02	1	-2/+2
\| \| \| \| \|	clang had reported this as "value of ret is never used", I think it would be nice to report a meaningful error message.
*	Convert read and write operations to sss_atomic_read	Jakub Hrozek	2012-04-20	1	-25/+25
\| \| \| \|	https://fedorahosted.org/sssd/ticket/1209
*	pam_sss: improve error handling in SELinux code	Jakub Hrozek	2012-04-18	1	-3/+5
\|
*	pam_sss: keep selinux optional	Simo Sorce	2012-02-23	1	-0/+6
\| \| \| \|	Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
*	Fix missing NULL check after malloc	Stephen Gallagher	2012-02-13	1	-0/+4
\| \| \| \|	Coverity #12528
*	SELinux support in PAM module	Jan Zeleny	2012-02-06	1	-1/+60
\|
*	Fixed incorrect return code in PAM client	Jan Zeleny	2011-12-08	1	-1/+1
\| \| \| \| \| \| \|	The original return code when SSSD was not running was system_err, now it is authinfo_unavail. https://fedorahosted.org/sssd/ticket/1011
*	Cleanup: Remove unused parameters	Jakub Hrozek	2011-11-22	1	-8/+2
\|
*	Added quiet option to pam_sss	Pavel Březina	2011-09-20	1	-5/+25
\| \| \| \|	https://fedorahosted.org/sssd/ticket/894
*	Import config.h earlier	Stephen Gallagher	2011-05-23	1	-1/+1
\| \| \| \| \| \|	On RHEL 5 and other older platforms, failing to set _GNU_SOURCE early would cause some functions - such as strndup() - to be unavailable.
*	Set _GNU_SOURCE globally	Sumit Bose	2011-05-23	1	-4/+0
\|
*	Use neutral name for functions used by both pam and nss	Simo Sorce	2011-02-11	1	-1/+1
\|
*	Fix wrong test in pam_sss	Simo Sorce	2010-12-17	1	-1/+1
\|
*	Fix segfault for PAM_TEXT_INFO conversations	Stephen Gallagher	2010-12-16	1	-1/+1
\|
*	Fix possible memory leak in do_pam_conversation	Sumit Bose	2010-12-15	1	-16/+28
\| \| \| \|	https://fedorahosted.org/sssd/ticket/731
*	Fix improper bit manipulation in pam_sss	Sumit Bose	2010-12-14	1	-1/+1
\| \| \| \|	https://fedorahosted.org/sssd/ticket/715
*	Fix cast warning for pam_sss.c	Stephen Gallagher	2010-11-15	1	-8/+11
\|
*	Avoid long long in messages to PAM client use int64_t	Sumit Bose	2010-11-15	1	-6/+6
\|
*	Properly handle read() and write() throughout the SSSD	Stephen Gallagher	2010-06-10	1	-1/+1
\| \| \| \| \| \| \|	We need to guarantee at all times that reads and writes complete successfully. This means that they must be checked for returning EINTR and EAGAIN, and all writes must be wrapped in a loop to ensure that they do not truncate their output.
*	Add a missing free()	Sumit Bose	2010-06-09	1	-0/+1
\|
*	Avoid a potential double-free	Sumit Bose	2010-06-09	1	-0/+1
\|
*	Handle Krb5 password expiration warning	Sumit Bose	2010-05-26	1	-1/+13
\|
*	Add retry option to pam_sss	Sumit Bose	2010-05-07	1	-92/+147
\|
*	Improve the offline authentication message	Jakub Hrozek	2010-05-07	1	-2/+2
\|
*	Fix wrong return value	Sumit Bose	2010-04-30	1	-15/+14
\| \| \| \| \|	If there was a failure during a password change a wrong return value was send back to the PAM stack.
*	Display a message if a password reset by root fails	Sumit Bose	2010-04-26	1	-8/+198
\|
*	Unset authentication tokens if password change fails	Sumit Bose	2010-04-26	1	-27/+52
\|
*	Use SO_PEERCRED on the PAM socket	Sumit Bose	2010-04-16	1	-1/+4
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	This is the second attempt to let the PAM client and the PAM responder exchange their credentials, i.e. uid, gid and pid. Because this approach does not require any message interchange between the client and the server the protocol version number is not changed. On the client side the connection is terminated it the responder is not run by root. On the server side the effective uid and gid and the pid of the client are available for future use. The following additional changes are made by this patch: - the checks of the ownership and the permissions on the PAM sockets are enhanced - internal error codes are introduced on the client side to generate more specific log messages if an error occurs
*	Allow arbitrary-length PAM messages	Stephen Gallagher	2010-03-25	1	-3/+20
\| \| \| \| \| \| \| \| \|	The PAM standard allows for messages of any length to be returned to the client. We were discarding all messages of length greater than 255. This patch dynamically allocates the message buffers so we can pass the complete message. This resolves https://fedorahosted.org/sssd/ticket/432
*	Improvements for LDAP Password Policy support	Ralf Haferkamp	2010-03-22	1	-0/+82
\| \| \| \| \| \| \| \|	Display warnings about remaining grace logins and password expiration to the user, when LDAP Password Policies are used. Improved detection if LDAP Password policies are supported by LDAP Server.
*	Prompt for old password even when running as root	Ralf Haferkamp	2010-03-15	1	-2/+4
\| \| \| \| \|	When changing an expired password (during e.g. login) the PAM module needs to prompt for the old password even when running as root.
*	Warn user about an expired password	Ralf Haferkamp	2010-03-15	1	-1/+6
\|
*	Define _GNU_SOURCE in pam_sss.c.	George McCollister	2010-03-04	1	-0/+4
\| \| \| \| \|	_GNU_SOURCE needs to be defined when using strndup. Signed-off-by: George McCollister <georgem@novatech-llc.com>
*	Handle expired passwords like other PAM modules	Sumit Bose	2010-02-23	1	-18/+31
\| \| \| \| \| \| \| \| \| \| \| \| \|	So far we handled expired password during authentication. Other PAM modules typically detect expired password during account management and return PAM_NEW_AUTHTOK_REQD if the password is expired and should be changed. The PAM library then calls the change password routines. To meet these standards pam_sss is change accordingly. As a result it is now possible to update an expired password via ssh if sssd is running with PasswordAuthentication=yes. One drawback due to limitations of PAM is that the user now has to type his current password again before setting a new one.
*	Fix licensing issues for sss_client	Stephen Gallagher	2010-02-18	1	-3/+3
\|
*	Rename server/ directory to src/	Stephen Gallagher	2010-02-18	1	-0/+1166
	Also update BUILD.txt