sssd.git/src/responder, branch my-master Experimental work on SSSD - Systen Security Services Daemon Add alias attribute to nss responder structures 2013-01-04T19:40:52+00:00 Simo Sorce simo@redhat.com 2012-10-16T22:07:42+00:00 c3b18225c79a1fd3c5e92aef97759b04daa5a5d6 Add plumbing to allow to push down an alias attribute to be used by the memory cache. 
Add plumbing to allow to push down an alias attribute to be used by
the memory cache.
Add alias argument to mmap_cache account store fns 2013-01-04T19:40:17+00:00 Simo Sorce simo@redhat.com 2012-10-16T21:16:54+00:00 2d468a06e14672a3012f2cf55720903000061c7d Basic plumbing to allow passing an alias down to mmap cache functions. 
Basic plumbing to allow passing an alias down to mmap cache functions.
Change memory cache layout to add optional key 2013-01-04T19:39:23+00:00 Simo Sorce simo@redhat.com 2012-10-16T19:32:48+00:00 b5a99bebff5f7455d9b8bd89f0a81de587c5a9c0 This bumps the cache major number to 1 as this change is incompatible with current clients. The addiotinal key is used to allow name aliases to be added to user and group entries. Aliases are a string that can be looked up via the getpwname and getgrnam calls, and are useful to to fetch entries by alternate names. Currently only one, optional alias is allowed. 
This bumps the cache major number to 1 as this change is incompatible
with current clients.
The addiotinal key is used to allow name aliases to be added to user
and group entries. Aliases are a string that can be looked up via the
getpwname and getgrnam calls, and are useful to to fetch entries by
alternate names.
Currently only one, optional alias is allowed.
failover: Protect against empty host names 2013-01-02T16:44:09+00:00 Michal Zidek mzidek@redhat.com 2012-10-15T10:21:00+00:00 04759b59e71c78ab23b84d13dd29d9c6dd680adb Added new parameter to split_on_separator that allows to skip empty values. The whole function was rewritten. Unit test case was added to check the new implementation. https://fedorahosted.org/sssd/ticket/1484 
Added new parameter to split_on_separator that allows to skip
empty values.

The whole function was rewritten. Unit test case was added to
check the new implementation.

https://fedorahosted.org/sssd/ticket/1484
mmap cache: invalidate cache on fatal error 2012-12-20T18:55:19+00:00 Simo Sorce simo@redhat.com 2012-12-20T02:17:40+00:00 0e6c9d03cacf24de4265ee0f902c216ba5a131c9 If a fatal EFAULT error is returned by the internal function that frees used memory invalidate the whole cache and reinit it. This way we avoid further corruption and insure clients see consistent data. Also insure we use the right context in init() and we use talloc_zfree() in reinit so that if the init() later fails we do not leave around a pointer to free memory in the callers. 
If a fatal EFAULT error is returned by the internal function that frees used
memory invalidate the whole cache and reinit it. This way we avoid further
corruption and insure clients see consistent data.

Also insure we use the right context in init() and we use talloc_zfree() in
reinit so that if the init() later fails we do not leave around a pointer
to free memory in the callers.
Carefully check records when forcibly invalidating 2012-12-20T18:55:02+00:00 Simo Sorce simo@redhat.com 2012-12-20T04:10:25+00:00 6acf7c92ab38ad388295b2d57cc97c4598aa95cc We should never try to invalidate an already invalid record as internal pointers will not be consistent. Carefully test that the record really is valid when we are fishing for free space, and properly invalidate records or return a fatal error if something goes wrong. In order to make the code more robust always invalidate the whole data space on initialization by setting all bits to 1, and make sure to invalidate the whole last allocated slot by converting rec->len to the number of slots instead of just the space used. 
We should never try to invalidate an already invalid record as
internal pointers will not be consistent. Carefully test that the
record really is valid when we are fishing for free space, and
properly invalidate records or return a fatal error if something
goes wrong.
In order to make the code more robust always invalidate the whole
data space on initialization by setting all bits to 1, and make sure
to invalidate the whole last allocated slot by converting rec->len to
the number of slots instead of just the space used.
Update free table when records are invalidated. 2012-12-20T18:55:02+00:00 Simo Sorce simo@redhat.com 2012-12-20T04:10:24+00:00 da4c23b6670adb45f71cf51aaeca8df30c2144be We were holding up slots when entries were invalidated directly an not through our primitive garbage collection scheme. 
We were holding up slots when entries were invalidated directly an not through
our primitive garbage collection scheme.
nss_mc: Add extra checks when dereferencing records 2012-12-20T18:55:02+00:00 Simo Sorce simo@redhat.com 2012-12-19T16:56:27+00:00 8437e782fdf97945e9e0c2a793ffaf49abc2c0ca Although it should enver happen that we pass in an invalid hash it is always better to just not do anything than access memory ouf of the hash table. It can lead to segfaults, or worse referencing memory that should not be touched. 
Although it should enver happen that we pass in an invalid hash it
is always better to just not do anything than access memory ouf of
the hash table. It can lead to segfaults, or worse referencing
memory that should not be touched.
sssd_nss: Plug memory leaks 2012-12-19T17:39:52+00:00 Simo Sorce simo@redhat.com 2012-12-19T13:48:06+00:00 1f15b746e77f54ad82e1cb5c74f29d327b851c5a A recent patch introduced a glaring memory leak in the routines that clean up memcache memory on initgroups calls. 
A recent patch introduced a glaring memory leak in the routines that clean up
memcache memory on initgroups calls.
responder_dp: Add timeout to side requets 2012-12-18T17:42:11+00:00 Simo Sorce simo@redhat.com 2012-12-14T19:59:21+00:00 185dcb88690f45c7886c95076bd189877aef2289 This is an additional proteciont in case the provider misbheaves to avoid having requests pending forever. Fixes: https://fedorahosted.org/sssd/ticket/1717 
This is an additional proteciont in case the provider misbheaves to avoid
having requests pending forever.

Fixes: https://fedorahosted.org/sssd/ticket/1717