summaryrefslogtreecommitdiffstats
path: root/src/python
Commit message (Collapse)AuthorAgeFilesLines
* nss-idmap: add sss_nss_getnamebycert()Sumit Bose2016-06-091-2/+45
| | | | | Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* libipa_hbac: Move the library to src/lib/ipa_hbacJakub Hrozek2016-03-121-1/+1
| | | | | | | | | | | Moving the library to the lib directory will force maintainers to think twice about changes, because it would be obvious this is a library. Also don't use includes from sssd source tree paths, but add the util path to Makefile's CFLAGS so that other projects can copy the hbac_evaluator.c file verbatim. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* Fix typos reported by lintianLukas Slebodnik2016-02-231-1/+1
| | | | Reviewed-by: Pavel Březina <pbrezina@redhat.com>
* pyhbac: Fix warning Wsign-compareLukas Slebodnik2016-01-291-7/+11
| | | | | | | | | | | | | | | | | | | | src/python/pyhbac.c: In function ‘HbacRuleElement_repr’: src/python/pyhbac.c:506:59: error: comparison between signed and unsigned integer expressions [-Werror=sign-compare] if (strnames == NULL || strgroups == NULL || category == -1) { ^ src/python/pyhbac.c: In function ‘HbacRuleElement_to_native’: src/python/pyhbac.c:614:51: error: comparison between signed and unsigned integer expressions [-Werror=sign-compare] if (!el->names || !el->groups || el->category == -1) { ^ The static function native_category had type of terurn value uint32_t But it also could return -1 which indicated an error. It's better to don't mix return code with returned value. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* pysss_murmur: Fix warning Wsign-compareLukas Slebodnik2016-01-291-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | src/python/pysss_murmur.c: In function ‘py_murmurhash3’: src/python/pysss_murmur.c:47:17: error: comparison between signed and unsigned integer expressions [-Werror=sign-compare] key_len > strlen(key)) { ^ uint32_t murmurhash3(const char *key, int len, uint32_t seed) The second argument of the function murmurhash3 has type int. But the code expects to be unsigned integer. There is code in python wrapper py_murmurhash3 which check boundaries of that argument. It should be an unsigned "key_len > INT_MAX || key_len < 0". An exception should be thrown for negative number. Moreover, the length should be shorter then a length of input string. The strlen returns size_t which is unsigned and key_len is signed long. We already checked that value is unsigned so we can safely cast key_len to size_t Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* UTIL: Remove python wrapper sss_python_unicode_from_stringLukas Slebodnik2015-02-251-9/+9
| | | | | | The function PyUnicode_FromString is available in python >= 2.6 Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
* UTIL: Remove python wrapper sss_python_set_checkLukas Slebodnik2015-02-251-1/+1
| | | | | | The macro PySet_Check is defined in python >= 2.6 Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
* UTIL: Remove python wrapper sss_python_set_addLukas Slebodnik2015-02-251-2/+2
| | | | | | The function PySet_Add is available in python >= 2.6 Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
* UTIL: Remove python wrapper sss_python_set_newLukas Slebodnik2015-02-251-2/+2
| | | | | | The function PySet_New is available in python >= 2.6 Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
* Fix warning: equality comparison with extraneous parenthesesLukas Slebodnik2015-02-111-1/+1
| | | | | | | | | | | | | | | | | | | | | | | Example of warning: src/sss_client/libwbclient/wbc_pwd_sssd.c:246:23: error: equality comparison with extraneous parentheses [-Werror,-Wparentheses-equality] if (((wbc_status) == WBC_ERR_SUCCESS)) { ~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~ src/sss_client/libwbclient/wbc_pwd_sssd.c:246:23: note: remove extraneous parentheses around the comparison to silence this warning if (((wbc_status) == WBC_ERR_SUCCESS)) { ~ ^ ~ src/sss_client/libwbclient/wbc_pwd_sssd.c:246:23: note: use '=' to turn this equality comparison into an assignment if (((wbc_status) == WBC_ERR_SUCCESS)) { ^~ = The reason is definition of some macros which were used in if conditions. Reviewed-by: Michal Židek <mzidek@redhat.com>
* pysss: Fix double freeLukas Slebodnik2015-01-291-3/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The talloc context is removed in destructor. ==1695== Invalid read of size 4 ==1695== at 0x1243D0CD: talloc_chunk_from_ptr (talloc.c:372) ==1695== by 0x1243D0CD: _talloc_free (talloc.c:1559) ==1695== by 0x117B18C3: PySssLocalObject_dealloc (pysss.c:836) ==1695== by 0x117B1AEE: PySssLocalObject_new (pysss.c:898) ==1695== by 0x4ED5522: type_call (typeobject.c:729) ==1695== by 0x4E7F902: PyObject_Call (abstract.c:2529) ==1695== by 0x4F15584: do_call (ceval.c:4328) ==1695== by 0x4F15584: call_function (ceval.c:4133) ==1695== by 0x4F15584: PyEval_EvalFrameEx (ceval.c:2753) ==1695== by 0x4F16BE5: fast_function (ceval.c:4196) ==1695== by 0x4F16BE5: call_function (ceval.c:4131) ==1695== by 0x4F16BE5: PyEval_EvalFrameEx (ceval.c:2753) ==1695== by 0x4F183FF: PyEval_EvalCodeEx (ceval.c:3342) ==1695== by 0x4EA46BC: function_call (funcobject.c:526) ==1695== by 0x4E7F902: PyObject_Call (abstract.c:2529) ==1695== by 0x4F1504F: ext_do_call (ceval.c:4423) ==1695== by 0x4F1504F: PyEval_EvalFrameEx (ceval.c:2792) ==1695== by 0x4F183FF: PyEval_EvalCodeEx (ceval.c:3342) ==1695== Address 0x112d4560 is 64 bytes inside a block of size 96 free'd ==1695== at 0x4C2ACE9: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) ==1695== by 0x1243D2F2: _talloc_free_internal (talloc.c:1057) ==1695== by 0x1243D2F2: _talloc_free (talloc.c:1581) ==1695== by 0x117B1ABF: PySssLocalObject_new (pysss.c:876) ==1695== by 0x4ED5522: type_call (typeobject.c:729) ==1695== by 0x4E7F902: PyObject_Call (abstract.c:2529) ==1695== by 0x4F15584: do_call (ceval.c:4328) ==1695== by 0x4F15584: call_function (ceval.c:4133) ==1695== by 0x4F15584: PyEval_EvalFrameEx (ceval.c:2753) ==1695== by 0x4F16BE5: fast_function (ceval.c:4196) ==1695== by 0x4F16BE5: call_function (ceval.c:4131) ==1695== by 0x4F16BE5: PyEval_EvalFrameEx (ceval.c:2753) ==1695== by 0x4F183FF: PyEval_EvalCodeEx (ceval.c:3342) ==1695== by 0x4EA46BC: function_call (funcobject.c:526) ==1695== by 0x4E7F902: PyObject_Call (abstract.c:2529) ==1695== by 0x4F1504F: ext_do_call (ceval.c:4423) ==1695== by 0x4F1504F: PyEval_EvalFrameEx (ceval.c:2792) ==1695== by 0x4F183FF: PyEval_EvalCodeEx (ceval.c:3342) Reviewed-by: Pavel Reichl <preichl@redhat.com>
* Python3 support in SSSDBohuslav Kabrda2015-01-134-75/+200
| | | | https://fedorahosted.org/sssd/ticket/2017
* pyhbac,pysss: fix reference leaksPavel Reichl2014-10-222-12/+20
| | | | | | | Resolves: https://fedorahosted.org/sssd/ticket/1195 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* pysss: test return value of realloc.Lukas Slebodnik2014-09-051-1/+5
| | | | | | | | | | It is not very likely that realloc will return NULL, but it's better to be defensive. src/python/pysss.c:774: var_assigned: Assigning: "groups" = null return value from "realloc". src/python/pysss.c:788: dereference: Dereferencing a null pointer "groups". Reviewed-by: Pavel Reichl <preichl@redhat.com>
* Remove unused structures.Lukas Slebodnik2014-02-261-11/+0
| | | | | | | | | | Reported by: cppcheck 'struct py_sss_transaction', 'struct resolve_get_domain_stat', 'struct sync_op_res' were defined in implementation modules, but they were not used anywhere. Reviewed-by: Michal Žídek <mzidek@redhat.com>
* Remove unused parameter from groupaddLukas Slebodnik2013-11-271-1/+1
|
* Remove unused parameter from useraddLukas Slebodnik2013-11-271-1/+1
|
* Remove unused parameter from groupmodLukas Slebodnik2013-11-271-1/+1
|
* Remove unused parameter from usermodLukas Slebodnik2013-11-271-1/+1
|
* SYSDB: Drop the sysdb_ctx parameter from the sysdb_search moduleMichal Zidek2013-11-151-2/+0
|
* Clarify that getnamebysid currently works only with ipa/ad id_providerOndrej Kos2013-07-291-1/+3
| | | | https://fedorahosted.org/sssd/ticket/2035
* Every time release allocated memory in function py_sss_getgrouplistLukas Slebodnik2013-07-241-0/+2
| | | | Coverity: 11922
* pysss: prevent crashing when group is unresolvableAlexander Bokovoy2013-07-231-2/+13
| | | | | | In unlikely case that an NSS module returns a reference to a group and we are unable to resolve it shortly after that, make sure these groups are skipped.
* pysss: add pysss.getgrouplist(username)Alexander Bokovoy2013-07-221-0/+59
| | | | | | | | | | getgrouplist(3) call is missing from Python older than Python 3.3 Introduce supplementary binding to provide getgrouplist as part of pysss interface. Since getgrouplist() can be run against any domain, place it at top module rather than pysss.local namespace. pysss.getgrouplist(username) -> tuple(group list as strings)
* pysss_nss_idmap: do not treat strings as sequencesSumit Bose2013-05-231-1/+1
| | | | | | | | The current PySequence_Check() also catches single strings with the effect that the string is split into characters which are send as arguments to SSSD individually. With this patch only tuples and lists are treated as sequences.
* Add support for tuples and unicode pysss_nss_idmap.soSumit Bose2013-05-131-20/+39
| | | | | | | | | https://fedorahosted.org/sssd/ticket/1905 https://fedorahosted.org/sssd/ticket/1914 This patch allows tuples as well as lists as input and adds support for Unicode objects as input and always returns the results as Unicode objects.
* Fix missing initialization in Python bindings for libsss_nss_idmapSumit Bose2013-05-101-1/+1
| | | | | If sss_nss_getsidbyid() fails free() will try to work on an uninitialized value.
* Add python interface to libsss_nss_idmapSumit Bose2013-05-031-0/+351
| | | | | | | | | | To allow to use libsss_nss_idmap from python applications, e.g. the FreeIPA server, the patch adds pythin bindings to libsss_nss_idmap. The contributed spec file will place the python bindings in a new package called libsss_nss_idmap-python. Alexander Bokovoy <abokovoy@redhat.com> kindly provided the code to check the type of the python objects and loop over the list entries.
* Refactor single domain initializationSimo Sorce2013-01-151-2/+3
| | | | | Bring it out of sysdb, which will slowly remove internal dependencies on domains and instead will always require them to be passed by callers.
* Unify usage of sysdb transactionsMichal Zidek2012-08-231-8/+36
| | | | | | Removing bad examples of usage of sysdb_transaction_start/commit/end functions and making it more consistent (all files except of src/db/sysdb_*.c).
* Fix compilation error in Python murmurhash bindingsJakub Hrozek2012-08-161-4/+8
| | | | | | The compilation produced an error due to missing declaration of uint32_t and a couple of warnings caused by different prototypes of argument parsing functions in older Python releases.
* Add python bindings for murmurhash3Sumit Bose2012-08-151-0/+65
|
* PYHBAC: Return NULL on failureJakub Hrozek2012-05-021-0/+1
| | | | The error handler would simply fall through instead of returning NULL.
* Keep sysdb context in domain info structSumit Bose2012-02-291-9/+2
|
* Cleanup: Remove unused parametersJakub Hrozek2011-11-221-13/+10
|
* Multiline macro cleanupJakub Hrozek2011-09-281-1/+1
| | | | | | | | | | This is mostly a cosmetic patch. The purpose of wrapping a multi-line macro in a do { } while(0) is to make the macro usable as a regular statement, not a compound statement. When the while(0) is terminated with a semicolon, the do { } while(0); block becomes a compound statement again.
* sysdb refactoring: deleted domain variables in sysdb APIJan Zeleny2011-08-151-2/+0
| | | | | The patch also updates code using modified functions. Tests have also been adjusted.
* pyhbac: Do not convert int to boolJakub Hrozek2011-08-041-2/+11
|
* HBAC rule validation Python bindingsJakub Hrozek2011-08-011-0/+99
| | | | https://fedorahosted.org/sssd/ticket/943
* Handle allocation error in python HBAC bindingsJakub Hrozek2011-07-271-0/+3
| | | | https://fedorahosted.org/sssd/ticket/934
* Remove dead code from python HBAC bindingsJakub Hrozek2011-07-271-4/+0
| | | | https://fedorahosted.org/sssd/ticket/935
* silence compilation warnings on RHEL5pbrezina2011-07-271-12/+13
| | | | https://fedorahosted.org/sssd/ticket/930
* Fix python HBAC bindings for python <= 2.4Jakub Hrozek2011-07-131-81/+120
| | | | | | | | | | | | | | | Several parts of the HBAC python bindings did not work with old Python versions, such as the one shipped in RHEL5. The changes include: * a compatibility wrapper around python set object * PyModule_AddIntMacro compat macro * Py_ssize_t compat definition * Do not use PyUnicode_FromFormat * several function prototypes and structures used to have "char arguments where they have "const char *" in recent versions. This caused compilation warnings this patch mitigates by using the discard_const hack on python 2.4
* Fixes for python HBAC bindingsJakub Hrozek2011-07-131-12/+82
| | | | | | | | | These changes were proposed during a review: * Change the signature of str_concat_sequence() to const char * * use a getsetter for HbacRule.enabled to allow string true/false and integer 1/0 in addition to bool * fix a minor memory leak (HbacRequest.rule_name) * remove overzealous discard consts
* Provide python bindings for the HBAC evaluator libraryJakub Hrozek2011-07-081-0/+1741
|
* Python bindings for obfuscationJakub Hrozek2010-09-081-3/+180
|
* tools: remove creation of event_contextSimo Sorce2010-04-121-21/+0
| | | | | Since the sysdb is now synchronous and creates its own event context we don't need an explicit event context anymore in the tools.
* sysydb: Finally stop using a common event contextSimo Sorce2010-04-121-1/+1
| | | | This commit completes the migration to a synchronous sysdb
* sysdb: remove remaining traces of sysdb_handleSimo Sorce2010-04-121-1/+0
|
* sysdb: convert sysdb_getpwnamSimo Sorce2010-04-121-2/+2
|