summaryrefslogtreecommitdiffstats
path: root/src/responder
Commit message (Collapse)AuthorAgeFilesLines
* Remove unused parameter from sudosrv_get_sudorules_query_cacheLukas Slebodnik2013-11-271-4/+2
|
* pac: fix potential memory leaksPavel Březina2013-11-221-5/+5
|
* pac: fix double freePavel Březina2013-11-221-8/+6
|
* do not use default_domain_suffix with autofsAron Parsons2013-11-181-1/+1
|
* nss: check for Well-Known SIDs in SID based requestsSumit Bose2013-11-151-0/+134
|
* nss: save global name configuration to the nss contextSumit Bose2013-11-152-0/+7
|
* Add sss_packet_get_status()Sumit Bose2013-11-152-0/+10
| | | | | sss_packet_get_status() will currently only used to test if packets have the right status set.
* SYSDB: Drop the sysdb_ctx parameter - module sysdb_ops (part 2)Michal Zidek2013-11-155-18/+16
|
* SYSDB: Drop the sysdb_ctx parameter from the sysdb_sudo.c moduleJakub Hrozek2013-11-151-2/+2
|
* SYSDB: Drop the sysdb_ctx parameter - module sysdb_ops (part 1)Michal Zidek2013-11-154-15/+14
|
* SYSDB: Drop the sysdb_ctx parameter from the sysdb_ssh moduleMichal Zidek2013-11-151-4/+3
|
* SYSDB: Drop the sysdb_ctx parameter from the sysdb_services moduleMichal Zidek2013-11-151-12/+8
|
* SYSDB: Drop the sysdb_ctx parameter from the sysdb_search moduleMichal Zidek2013-11-157-50/+27
|
* SYSDB: Drop the sysdb_ctx parameter from the autofs APIJakub Hrozek2013-11-151-2/+2
|
* PAC: Free config attribute when it's processedJakub Hrozek2013-11-141-0/+1
|
* responder: Access packet header using SAFEALIGN macros.Michal Zidek2013-11-071-37/+68
| | | | | resolves: https://fedorahosted.org/sssd/ticket/1359
* NSS: Set packet length for initgroupsLukas Slebodnik2013-11-071-0/+7
| | | | | | | | | | Some groups could be skipped, but packet length was not trimmed. This is a reason why valgrind reported access to uninitialised bytes. Actually, it isn't a problem, because the first uint32 in body is number of sended gids. Resolves: https://fedorahosted.org/sssd/ticket/2138
* free idmapped binary SIDs correctlyPavel Březina2013-11-071-1/+1
| | | | | Resolves: https://fedorahosted.org/sssd/ticket/2133
* free idmapped SIDs correctlyPavel Březina2013-11-072-2/+4
| | | | | Resolves: https://fedorahosted.org/sssd/ticket/2133
* Include ext headers with #include <foo.h> - contPavel Reichl2013-11-041-1/+1
| | | | Changing style of including header files from outside of sssd tree - from "header.h" to <header.h>
* NSS: Fix parenthesisJakub Hrozek2013-10-301-1/+1
|
* NSS: Use new safealign macros in NSS responderJakub Hrozek2013-10-291-2/+2
|
* NSS: Fix service enumerationJakub Hrozek2013-10-291-1/+5
| | | | | | | The code wrote into the middle of the packet to a space that was already reserved and allocated but then still advanced the pointer to the buffer. https://fedorahosted.org/sssd/ticket/2124
* NSS: Print FQDN for groups with mixed domain membershipJakub Hrozek2013-10-291-9/+64
| | | | | | | | | | | | | | | | | This patch is a workaround until https://fedorahosted.org/sssd/ticket/2129 is fixed properly. Consider a group entry such as: cn: subgroup@subdom ghost: someuser ghost: anotheruser@subdom Currently in order to print all group members as FQDN (which is the default for AD provider), the code needs to iterate over the ghost attributes and parse them into (name,domain) and optionally re-add the domain. The proper fix would be to store always just the FQDN in the hardcoded form of user@domain
* UTIL: Move sss_parse_name_for_domains declaration to util.hJakub Hrozek2013-10-221-5/+0
|
* Remove duplicate declarationJakub Hrozek2013-10-221-4/+0
|
* Include external headers with #include <foo.h>Jakub Hrozek2013-10-228-23/+32
| | | | | | I find it more readable to include headers from outside the sssd tree with <foo.h>, not "foo.h". The latter should be used for in-tree headers only.
* nss: wait for initial subdomains request to finishPavel Březina2013-10-171-0/+14
| | | | | | | | | | | | AD provider downloads domain information and initalizes ID mapping during subdomains request. This information is necessary to lookup objects without POSIX attributes. We need to make sure that we postpone all responder requests until ID mapping is initialized in the provider. Resolves: https://fedorahosted.org/sssd/ticket/2092
* sudo: improve time restrictions debug messagesPavel Březina2013-10-011-0/+7
|
* NSS: Failure to store entry negative cache should not be fatalJakub Hrozek2013-09-251-18/+31
| | | | | The only effect the failure to store a result to negative cache might have would be a slower lookup next time.
* NSS: Set UID and GID to negative cache after searching all domainsJakub Hrozek2013-09-251-66/+105
| | | | | | | https://fedorahosted.org/sssd/ticket/2090 Previously, when searching by UID or GID, the negative cache will only work in case the UID was searched for using fully qualified names.
* Include header file in implementation module.Lukas Slebodnik2013-09-242-0/+2
| | | | | Declarations of public functions was in header files, but header files was not included in implementation file.
* mmap_cache: Use two chains for hash collision.Lukas Slebodnik2013-09-231-18/+48
| | | | | | | | | | | | | | | | | | | | | | | struct sss_mc_rec had two hash members (hash1 and hash2) but only one next member. This was a big problem in case of higher probability of hash collision. structure sss_mc_rec will have two next members (next1, next2) with this patch. next1 is related to hash1 and next2 is related to hash1. Iterating over chains is changed, because we need to choose right next pointer. Right next pointer will be chosen after comparing record hashes. This behaviour is wrapped in function sss_mc_next_slot_with_hash. Adding new record to chain is also changed. The situation is very similar to iterating. We need to choose right next pointer (next1 or next2). Right next pointer will be chosen after comparing record hashes. Adding reference to next slot is wrapped in function sss_mc_chain_slot_to_record_with_hash Size of structure sss_mc_rec was increased from 32 bytes to 40 bytes. Resolves: https://fedorahosted.org/sssd/ticket/2049
* Revert "mmap_cache: Skip records which doesn't have same hash"Lukas Slebodnik2013-09-231-34/+2
| | | | This reverts commit 4662725ffef62b3b2502481438effa7c8fef9f80.
* RESPONDER: Use right function prototypeLukas Slebodnik2013-09-202-1/+2
| | | | | | | Protype of function sss_ncache_check_netgr was different than definition of function sss_ncache_check_netgr. We did not catch it, because header file "responder/common/negcache.h" was not included in implementation file "responder/common/negcache.c"
* nss: Wrong debug message.Michal Zidek2013-09-171-1/+2
|
* util: add sss_idmap_talloc[_free]Pavel Březina2013-09-172-22/+4
| | | | Remove code duplication.
* Add missing new line in DEBUG messageLukas Slebodnik2013-09-161-2/+3
|
* Fix formating of variables with type: gid_tLukas Slebodnik2013-09-111-2/+2
|
* Fix formating of variables with type: uid_tLukas Slebodnik2013-09-111-2/+2
|
* Fix formating of variables with type defined in stdint.hLukas Slebodnik2013-09-111-6/+7
|
* Fix formating of variables with type: rlim_tLukas Slebodnik2013-09-111-5/+5
|
* Fix formating of variables with type: size_tLukas Slebodnik2013-09-112-2/+2
|
* Fix formating of variables with type: unsigned longLukas Slebodnik2013-09-111-1/+1
|
* mmap_cache: Do not remove record from chain twiceLukas Slebodnik2013-09-091-0/+6
| | | | | | | | | | | It is not very likely, that record will have the same hash1 and hash2, but it is possible. In this situation, it does not make sense to remove record twice. Function sss_mc_rm_rec_from_chain was not robust and sssd_nss could crash in this situation. It was only possible if record was alone in chain. Resolves: https://fedorahosted.org/sssd/ticket/2049
* Include sys/types.h for types id_t and uid_tLukas Slebodnik2013-09-031-0/+1
|
* DP: Use the correct type for DBus booleanJakub Hrozek2013-08-281-2/+5
| | | | https://fedorahosted.org/sssd/ticket/2057
* NSS: Descend into subdomains if enumerate=trueJakub Hrozek2013-08-281-12/+12
| | | | | | Since we now store the enumerate flag in sysdb for subdomains, we can always descend to all available subdomains and if they do not allow enumeration, simply skip them.
* mmap_cache: Use stricter check for hash keys.Lukas Slebodnik2013-08-281-4/+6
| | | | ht_size is size of hash_table in bytes, but hash keys have type uint32_t
* mmap_cache: Skip records which doesn't have same hashLukas Slebodnik2013-08-281-2/+34
| | | | | | | | | | | | | | | | | | | | | | | | | | | | The code uses 2 hashes for each record, but only one hash table to index them both, furthermore each record has only one single 'next' pointer. This means that in certain conditions a record main end up being on a hash chain even though its hashes do not match the hash chain. This can happen when another record 'drags' it in from another hash chain where they both belong. If the record without matching hashes happens to be the second of the chain and the first record is removed, then the non matching record is left on the wrong chain. On removal of the non-matching record the hash chain will not be updated and the hash chain will end up pointing to an invalid slot. This slot may be later reused for another record and may not be the first slot of this new record. In this case the hash chain will point to arbitrary data and may cause issues if the slot is interpreted as the head of a record. By skipping any block that has no matching hashes upon removing the first record in a chain we insure that dangling references cannot be left in the hash table Resolves: https://fedorahosted.org/sssd/ticket/2049
generated by cgit (git 2.34.1) at 2024-11-20 00:37:18 +0000